CVE-2021-40780: Adobe Media Encoder MXF file memory corruption vulnerability could lead to arbitrary code execution
First published: Tue Oct 26 2021(Updated: )
Adobe Media Encoder version 15.4.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
Credit: psirt@adobe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Adobe Media Encoder | <=15.4.1 | |
| Apple macOS | ||
| Microsoft Windows |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2021-40780.
What is the severity rating of CVE-2021-40780?
The severity rating of CVE-2021-40780 is critical.
What is the affected software for CVE-2021-40780?
The affected software for CVE-2021-40780 is Adobe Media Encoder version 15.4.1 (and earlier).
How can this vulnerability be exploited?
This vulnerability can be exploited by insecure handling of a malicious file, potentially resulting in arbitrary code execution in the context of the current user.
Is user interaction required to exploit CVE-2021-40780?
Yes, user interaction is required to exploit CVE-2021-40780.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/title
- agent/weakness
- agent/author
- agent/last-modified-date
- agent/severity
- agent/description
- agent/first-publish-date
- agent/tags
- agent/event
- vendor/adobe
- canonical/adobe media encoder
- version/adobe media encoder/15.4.1
- vendor/apple
- canonical/apple macos
- vendor/microsoft
- canonical/microsoft windows