Security News > 2021 > September > Adobe Snuffs Critical Bugs in Acrobat, Experience Manager

Adobe Snuffs Critical Bugs in Acrobat, Experience Manager
2021-09-14 21:02

Adobe is urging its throngs of Acrobat Reader users to update their software to fix critical vulnerabilities that could allow adversaries to execute arbitrary code on unpatched versions.

As for the Adobe Acrobat family of software, 26 bugs were patched, 13 of which were critical and given an Adobe priority rating of "2," meaning that the affected product is at "Elevated risk" of being attacked.

"If you're still using ColdFusion, you'll definitely want to patch the two critical rated security feature bypass bugs being fixed today," ZDI continued.

Of those Adobe bugs rated the highest in severity - when it comes to MITRE's Common Vulnerability Scoring System - standouts include a Framemaker bug rated 8.8.

Another 8.8 high-severity bug, like the former, allows a threat actor to execute code arbitrarily in versions of Adobe InDesign.

None of the bugs fixed by Adobe this month are believed to be publicly known or under active attack, according to Adobe.


News URL

https://threatpost.com/adobe-bugs-acrobat-experience-manager/169467/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Adobe 105 47 824 1650 622 3143