Adobe addresses two critical vulnerabilities in Photoshop

Pierluigi Paganini April 13, 2021

Adobe has addressed security vulnerabilities in Adobe Photoshop, Adobe Digital Editions, Adobe Bridge, and RoboHelp.

Adobe has fixed ten security vulnerabilities in Adobe Photoshop, Adobe Digital Editions, Adobe Bridge, and RoboHelp.

Seven vulnerabilities have been rated as critical, some of them could be exploited by remote attackers to execute arbitrary code.

Adobe has released two buffer overflow issues, tracked CVE-2021-28548 and CVE-2021-28549, that could lead to arbitrary code execution. Both issues were reported by guoxi of venustech ADLab. Affected Versions are:

ProductAffected versionPlatform
Photoshop 202021.2.6 and earlier versionsWindows and macOS 
Photoshop 202122.3 and earlier versions     Windows and macOS

The tech giant also addressed four ‘Critical’ code execution flaws and two vulnerabilities rated as ‘Important’ in the Adobe Bridge.

In the following table are reported vulnerability details:

Vulnerability CategoryVulnerability ImpactSeverityCVE Numbers
Out-of-bounds readInformation DisclosureImportantCVE-2021-21091
Improper AuthorizationPrivilege EscalationImportantCVE-2021-21096
Memory CorruptionArbitrary code execution   Critical  CVE-2021-21093CVE-2021-21092
Out-of-bounds writeArbitrary code executionCriticalCVE-2021-21094CVE-2021-21095

The issues were reported by Francis Provencher from Trend Micro Zero Day Initiative (CVE-2021-21091, CVE-2021-21092, CVE-2021-21093, CVE-2021-21094), Tran Van Khang – khangkito (VinCSS) CVE-2021-21095), and ikth working with Trend Micro Zero Day Initiative (CVE-2021-21096).

Adobe also fixed a critical Privilege Escalation vulnerability in Adobe Digital Editions for macOS, tracked as CVE-2021-21100, and an Important Privilege Escalation vulnerability in RoboHelp, tracked as CVE-2021-21070.

If you want to receive the weekly Security Affairs Newsletter for free subscribe here.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Photoshop)

[adrotate banner=”5″]

[adrotate banner=”13″]

you might also like

leave a comment