CVE-2021-35980: Adobe Acrobat Reader SpellDictionaryExport Path Traversal Remote Code Execution Vulnerability
First published: Wed Sep 06 2023(Updated: )
Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by a Path traversal vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Credit: psirt@adobe.com psirt@adobe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Adobe Acrobat Reader | >=17.011.30180<17.011.30199 | |
| Adobe Acrobat Reader | >=20.001.30005<20.004.30006 | |
| Adobe Acrobat Dc | >=15.007.20033<21.005.20058 | |
| Adobe Acrobat Reader | >=17.011.30180<17.011.30199 | |
| Adobe Acrobat Reader | >=20.001.30005<20.004.30006 | |
| Adobe Acrobat Reader DC | >=15.007.20033<21.005.20058 | |
| Apple macOS | ||
| Microsoft Windows |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this Adobe Acrobat Reader vulnerability?
The vulnerability ID for this Adobe Acrobat Reader vulnerability is CVE-2021-35980.
What is the severity rating of CVE-2021-35980?
The severity rating of CVE-2021-35980 is 7.8 (High).
Which versions of Adobe Acrobat Reader are affected by CVE-2021-35980?
Adobe Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier), and 2017.011.30197 (and earlier) are affected by CVE-2021-35980.
How can an attacker leverage CVE-2021-35980?
An unauthenticated attacker could leverage CVE-2021-35980 to achieve arbitrary code execution in the context of the current user.
Where can I find more information about CVE-2021-35980?
You can find more information about CVE-2021-35980 at the following link: [Adobe Security Bulletin APSB21-51](https://helpx.adobe.com/security/products/acrobat/apsb21-51.html).
- agent/author
- agent/type
- collector/nvd-api
- agent/software-canonical-lookup-request
- collector/nvd-index
- agent/weakness
- agent/references
- agent/softwarecombine
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/title
- agent/severity
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/tags
- vendor/adobe
- canonical/adobe acrobat reader
- version/adobe acrobat reader/17.011.30180
- version/adobe acrobat reader/20.001.30005
- canonical/adobe acrobat dc
- version/adobe acrobat dc/15.007.20033
- canonical/adobe acrobat reader dc
- version/adobe acrobat reader dc/15.007.20033
- vendor/apple
- canonical/apple macos
- vendor/microsoft
- canonical/microsoft windows