Exposures › CVE-2021-21017
CVE-2021-21017
Severity
high · on CISA KEV actively exploited
Source
CISA-KEV · kev
Published
2021-11-03
Reference
⚡ RCE
⌖ exploited in the wild
shame 65/100
rceexploited-in-wild
Acrobat Acrobat and Reader contain a heap-based buffer overflow vulnerability that could allow an unauthenticated attacker to achieve code execution in the context of the current user.
Players implicated
Description
Acrobat Acrobat and Reader contain a heap-based buffer overflow vulnerability that could allow an unauthenticated attacker to achieve code execution in the context of the current user.
Sentiment · trusted sources
-
synthesis neutral +0.00No sentiment expressed; sources are technical databases or aggregators without commentary on Adobe's handling.
-
Neutral technical description; no sentiment toward Adobe.
“Acrobat Acrobat and Reader contain a heap-based buffer overflow vulnerability that could allow an unauthenticated attacker to achieve code execution in the context of the current user.”
-
Neutral database listing; no sentiment toward Adobe.
-
Neutral database listing; no sentiment toward Adobe.
-
Neutral database listing; no sentiment toward Adobe.
-
Neutral database listing; no sentiment toward Adobe.
Affected FedRAMP products 8 in the catalog
| Product | Provider | Status | Match |
|---|---|---|---|
| Adobe Acrobat Sign for Government | Adobe | Authorized | vendor-exact · 0.90 |
| Adobe Analytics | Adobe | Authorized | vendor-exact · 0.90 |
| Adobe Campaign | Adobe | Authorized | vendor-exact · 0.90 |
| Adobe Connect Managed Services (ACMS-GC) | Adobe | Authorized | vendor-exact · 0.90 |
| Adobe Creative Cloud for Enterprise | Adobe | Authorized | vendor-exact · 0.90 |
| Adobe Document Cloud (PDF Services & Adobe Sign) | Adobe | Authorized | vendor-exact · 0.90 |
| Adobe Experience Manager Managed Services (AEMMS-GC) | Adobe | Authorized | vendor-exact · 0.90 |
| Adobe Learning Manager | Adobe | Authorized | vendor-exact · 0.90 |