CVE-2021-39827: Adobe Digital Editions Installer flaw leads to Arbitrary File System Write
First published: Tue Sep 14 2021(Updated: )
Adobe Digital Editions 4.5.11.187646 (and earlier) are affected by an arbitrary file write vulnerability in the Digital Editions installer. An authenticated attacker could leverage this vulnerability to write an arbitrary file to the system. User interaction is required before product installation to abuse this vulnerability.
Credit: psirt@adobe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Adobe Digital Editions | <=4.5.11.187646 | |
| Apple macOS |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2021-39827?
CVE-2021-39827 is an arbitrary file write vulnerability in the Digital Editions installer of Adobe Digital Editions 4.5.11.187646 and earlier versions.
What is the severity of CVE-2021-39827?
CVE-2021-39827 has a severity rating of 6.5, which is considered medium.
How does CVE-2021-39827 affect Adobe Digital Editions?
CVE-2021-39827 allows an authenticated attacker to write an arbitrary file to the system through the Digital Editions installer of Adobe Digital Editions 4.5.11.187646 and earlier versions.
Is Apple macOS vulnerable to CVE-2021-39827?
No, Apple macOS is not vulnerable to CVE-2021-39827.
How can I mitigate CVE-2021-39827?
To mitigate CVE-2021-39827, update Adobe Digital Editions to version 4.5.12 or later as recommended by Adobe.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/remedy
- agent/severity
- agent/title
- agent/last-modified-date
- agent/weakness
- agent/references
- agent/author
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- vendor/adobe
- canonical/adobe digital editions
- version/adobe digital editions/4.5.11.187646
- vendor/apple
- canonical/apple macos