What is the severity of CVE-2021-44710?

CVE-2021-44710 is rated as critical due to its potential for arbitrary code execution.

How do I fix CVE-2021-44710?

To fix CVE-2021-44710, update Adobe Acrobat Reader DC to the latest version provided by Adobe.

What versions are affected by CVE-2021-44710?

CVE-2021-44710 affects Adobe Acrobat Reader DC versions 21.007.20099 and earlier, as well as other specified versions of Acrobat.

Can CVE-2021-44710 lead to a data breach?

Yes, CVE-2021-44710 can potentially lead to a data breach if exploited, as it allows arbitrary code execution.

Is CVE-2021-44710 specific to Windows?

No, CVE-2021-44710 affects Adobe Acrobat products on multiple operating systems, including Windows and macOS.

Vulnerability/
CVE-2021-44710

critical

9.3

CWE

416

11/1/2022

4/8/2024

CVE-2021-44710: Adobe Acrobat Reader Use-after-free could lead to Arbitrary code execution

First published: Tue Jan 11 2022(Updated: )

Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a use-after-free vulnerability in the processing of Format event actions that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Credit: psirt@adobe.com

Affected Software	Affected Version	How to fix
Adobe Acrobat Reader DC	>=15.008.20082<=21.007.20099
Adobe Acrobat Reader	>=15.008.20082<=21.007.20099
Microsoft Windows Operating System
Adobe Acrobat Reader	>=17.011.30059<=17.011.30204
Adobe Acrobat Reader	>=20.001.30005<=20.004.30017
Adobe Acrobat Reader Notification Manager	>=17.011.30059<=17.011.30204
Adobe Acrobat Reader Notification Manager	>=20.001.30005<=20.004.30017
macOS

Never miss a vulnerability like this again

Reference Links

https://helpx.adobe.com/security/products/acrobat/apsb22-01.html

Frequently Asked Questions

What is the severity of CVE-2021-44710?
CVE-2021-44710 is rated as critical due to its potential for arbitrary code execution.
How do I fix CVE-2021-44710?
To fix CVE-2021-44710, update Adobe Acrobat Reader DC to the latest version provided by Adobe.
What versions are affected by CVE-2021-44710?
CVE-2021-44710 affects Adobe Acrobat Reader DC versions 21.007.20099 and earlier, as well as other specified versions of Acrobat.
Can CVE-2021-44710 lead to a data breach?
Yes, CVE-2021-44710 can potentially lead to a data breach if exploited, as it allows arbitrary code execution.
Is CVE-2021-44710 specific to Windows?
No, CVE-2021-44710 affects Adobe Acrobat products on multiple operating systems, including Windows and macOS.

agent/type
agent/author
agent/references
agent/weakness
agent/description
collector/mitre-cve
source/MITRE
agent/severity
agent/title
agent/last-modified-date
agent/first-publish-date
agent/event
agent/source
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/adobe
canonical/adobe acrobat reader dc
version/adobe acrobat reader dc/15.008.20082
version/adobe acrobat reader dc/21.007.20099
canonical/adobe acrobat reader
version/adobe acrobat reader/15.008.20082
version/adobe acrobat reader/21.007.20099
vendor/microsoft
canonical/microsoft windows operating system
version/adobe acrobat reader/17.011.30059
version/adobe acrobat reader/17.011.30204
version/adobe acrobat reader/20.001.30005
version/adobe acrobat reader/20.004.30017
canonical/adobe acrobat reader notification manager
version/adobe acrobat reader notification manager/17.011.30059
version/adobe acrobat reader notification manager/17.011.30204
version/adobe acrobat reader notification manager/20.001.30005
version/adobe acrobat reader notification manager/20.004.30017
vendor/apple
canonical/macos