CVE-2021-28570

Summary

Adobe After Effects version 18.1 (and earlier) is affected by an Uncontrolled Search Path element vulnerability. An unauthenticated attacker could exploit this to to plant custom binaries and execute them with System permissions. Exploitation of this issue requires user interaction.

Affected Software

VendorProductVersion RangeStatus
AdobeAfter Effectsunspecified <= 18.1affected
AdobeAfter Effectsunspecified <= Noneaffected

Weaknesses

  • CWE-427: Uncontrolled Search Path Element (CWE-427)

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References