CVE-2021-21008: Uncontrolled Search Path Element vulnerability in Animate 21.0
First published: Wed Jan 13 2021(Updated: )
Adobe Animate version 21.0 (and earlier) is affected by an uncontrolled search path element that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Credit: psirt@adobe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Adobe Animate | <=21.0 | |
| Microsoft Windows |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID of this Adobe Animate vulnerability?
The vulnerability ID of this Adobe Animate vulnerability is CVE-2021-21008.
What is the severity level of CVE-2021-21008?
CVE-2021-21008 has a severity level of high.
How does CVE-2021-21008 affect Adobe Animate?
CVE-2021-21008 affects Adobe Animate version 21.0 (and earlier) by allowing an uncontrolled search path element that could result in arbitrary code execution.
What kind of user interaction is required for the exploitation of CVE-2021-21008?
Exploitation of CVE-2021-21008 requires user interaction in that a victim must open a malicious file.
Is Microsoft Windows affected by CVE-2021-21008?
No, Microsoft Windows is not affected by CVE-2021-21008.
How can I fix the vulnerability CVE-2021-21008?
To fix the CVE-2021-21008 vulnerability, update Adobe Animate to version 21.0.1 or later.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/title
- agent/weakness
- agent/references
- agent/author
- agent/last-modified-date
- agent/event
- agent/tags
- agent/description
- agent/first-publish-date
- vendor/adobe
- canonical/adobe animate
- version/adobe animate/21.0
- vendor/microsoft
- canonical/microsoft windows