CVE-2021-43757
First published: Wed Jul 12 2023(Updated: )
Adobe Media Encoder versions 22.0, 15.4.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious 3GP ?file
Credit: psirt@adobe.com psirt@adobe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Adobe Media Encoder | <15.4.3 | |
| Adobe Media Encoder | =22.0 | |
| Apple macOS | ||
| Microsoft Windows |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2021-43757?
CVE-2021-43757 is an out-of-bounds read vulnerability in Adobe Media Encoder versions 22.0 and 15.4.2 (and earlier) that could lead to disclosure of sensitive memory.
What software versions are affected by CVE-2021-43757?
Adobe Media Encoder versions 22.0 and 15.4.2 (and earlier) are affected by CVE-2021-43757.
What is the severity of CVE-2021-43757?
CVE-2021-43757 has a severity level of 7 (high).
How can CVE-2021-43757 be exploited?
Exploitation of CVE-2021-43757 requires user interaction.
How can I mitigate CVE-2021-43757?
To mitigate CVE-2021-43757, it is recommended to update Adobe Media Encoder to version 15.4.3 or later.
- collector/nvd-latest
- collector/nvd-index
- agent/severity
- agent/references
- agent/weakness
- agent/author
- agent/type
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/nvd-api
- agent/software-canonical-lookup-request
- vendor/adobe
- canonical/adobe media encoder
- version/adobe media encoder/22.0
- vendor/apple
- canonical/apple macos
- vendor/microsoft
- canonical/microsoft windows