CVE-2021-21100

Summary

Adobe Digital Editions version 4.5.11.187245 (and earlier) is affected by a Privilege Escalation vulnerability during installation. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary file system write in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Affected Software

VendorProductVersion RangeStatus
AdobeDigital Editionsunspecified <= 4.5.11.187245affected
AdobeDigital Editionsunspecified <= Noneaffected

Weaknesses

  • CWE-379: Creation of Temporary File in Directory with Incorrect Permissions (CWE-379)

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References