CVE-2021-21070: Privilege Escalation Vulnerability in Adobe RoboHelp
First published: Mon Apr 19 2021(Updated: )
Adobe Robohelp version 2020.0.3 (and earlier) is affected by an uncontrolled search path element vulnerability that could lead to privilege escalation. An attacker with admin permissions to write to the file system could leverage this vulnerability to escalate privileges.
Credit: psirt@adobe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Adobe RoboHelp | <2020.0.4 | |
| Microsoft Windows |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2021-21070?
CVE-2021-21070 has a medium severity level due to its potential for privilege escalation.
How do I fix CVE-2021-21070?
To remediate CVE-2021-21070, update Adobe RoboHelp to version 2020.0.4 or later.
Who is affected by CVE-2021-21070?
CVE-2021-21070 affects users of Adobe RoboHelp version 2020.0.3 and earlier.
What types of attacks can exploit CVE-2021-21070?
CVE-2021-21070 can be exploited by an attacker with admin permissions to elevate their privileges.
What is the nature of the vulnerability in CVE-2021-21070?
CVE-2021-21070 is an uncontrolled search path element vulnerability leading to privilege escalation.
- agent/type
- agent/softwarecombine
- agent/severity
- agent/author
- agent/weakness
- agent/references
- agent/remedy
- agent/title
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/adobe
- canonical/adobe robohelp
- vendor/microsoft
- canonical/microsoft windows