May 17, 2021

THN Alert: Hackers Exploit Adobe Reader 0-Day Vulnerability in the Wild

According to The Hacker News blog post, Adobe has released Patch Tuesday updates for the month of May with fixes for multiple vulnerabilities spanning 12 different products, including a zero-day flaw affecting Adobe Reader that's actively exploited in the wild.

Below is a quick analysis of the 19 CVEs mentioned in the blog post.


[*] Searching cve-[['2021-28550', '2021-21101', '2021-21102', '2021-21103', '2021-21104', '2021-21105', '2021-28561', '2021-28553', '2021-28561', '2021-28560', '2021-28558', '2021-28557', '2021-28555', '2021-28565', '2021-28564', '2021-21044', '2021-21038', '2021-21086', '2021-28559']] vulnerability definitions within Kenna.VI+....


[ CVE Description ]
 [*] CVE_ID : CVE-2021-28550
 [_] Desc   : Adobe Acrobat and Adobe Reader could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free error. By persuading a victim to open a specially-crafted document, a remote attacker could exploit this vulnerability to execute arbitrary code on the system with the privileges of the victim or cause the application to crash.

 [_] C:2021-03-16 / P:2021-05-11 / L:2021-05-11
 [*] Vuln Risk           : 22.4327
 [*] Exploited [trend]   : 0 [holding]
 [_] Exploit/likehood    : False/0.0613% confidence

 [*] Malware sample : 0
 [*] Exploits/POC   : [0]
 [_] Fixes          : [2]
 [_] Threat Actors  : [0]
 [_] CVSS2 / CVSS3  : [ 7.2 / 7.8 ]

 [_] Vuln Products  : [0]

[ CVE Malware Family Info : None ]

[ CVE Chatter Info : None ]


[ CVE Description ]
 [*] CVE_ID : CVE-2021-21101
 [_] Desc   : Adobe Illustrator could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds write error. By persuading a victim to open a specially-crafted document, a remote attacker could exploit this vulnerability to execute arbitrary code on the system with the privileges of the victim or cause the application to crash.

 [_] C:2020-12-19 / P:2021-05-11 / L:2021-05-11
 [*] Vuln Risk           : 20.3933
 [*] Exploited [trend]   : 0 [holding]
 [_] Exploit/likehood    : False/0.0101% confidence

 [*] Malware sample : 0
 [*] Exploits/POC   : [0]
 [_] Fixes          : [1]
 [_] Threat Actors  : [0]
 [_] CVSS2 / CVSS3  : [ 7.2 / 7.8 ]

 [_] Vuln Products  : [0]

[ CVE Malware Family Info : None ]

[ CVE Chatter Info : 1 ]


[ CVE Description ]
 [*] CVE_ID : CVE-2021-21102
 [_] Desc   : Adobe Illustrator could allow a remote attacker to execute arbitrary code on the system, caused by a path traversal error. By persuading a victim to open a specially-crafted document, a remote attacker could exploit this vulnerability to execute arbitrary code on the system with the privileges of the victim or cause the application to crash.

 [_] C:2020-12-19 / P:2021-05-11 / L:2021-05-11
 [*] Vuln Risk           : 20.3933
 [*] Exploited [trend]   : 0 [holding]
 [_] Exploit/likehood    : False/0.0478% confidence

 [*] Malware sample : 0
 [*] Exploits/POC   : [0]
 [_] Fixes          : [1]
 [_] Threat Actors  : [0]
 [_] CVSS2 / CVSS3  : [ 7.2 / 7.8 ]

 [_] Vuln Products  : [0]

[ CVE Malware Family Info : None ]

[ CVE Chatter Info : None ]


[ CVE Description ]
 [*] CVE_ID : CVE-2021-21103
 [_] Desc   : Adobe Illustrator could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption error. By persuading a victim to open a specially-crafted document, a remote attacker could exploit this vulnerability to execute arbitrary code on the system with the privileges of the victim or cause the application to crash.

 [_] C:2020-12-19 / P:2021-05-11 / L:2021-05-11
 [*] Vuln Risk           : 20.3933
 [*] Exploited [trend]   : 0 [holding]
 [_] Exploit/likehood    : False/0.0148% confidence

 [*] Malware sample : 0
 [*] Exploits/POC   : [0]
 [_] Fixes          : [1]
 [_] Threat Actors  : [0]
 [_] CVSS2 / CVSS3  : [ 7.2 / 7.8 ]

 [_] Vuln Products  : [0]

[ CVE Malware Family Info : None ]

[ CVE Chatter Info : None ]


[ CVE Description ]
 [*] CVE_ID : CVE-2021-21104
 [_] Desc   : Adobe Illustrator could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption error. By persuading a victim to open a specially-crafted document, a remote attacker could exploit this vulnerability to execute arbitrary code on the system with the privileges of the victim or cause the application to crash.

 [_] C:2020-12-19 / P:2021-05-11 / L:2021-05-11
 [*] Vuln Risk           : 30.59
 [*] Exploited [trend]   : 0 [holding]    [Pre_NVD]
 [_] Exploit/likehood    : False/0.0148% confidence

 [*] Malware sample : 0
 [*] Exploits/POC   : [0]
 [_] Fixes          : [1]
 [_] Threat Actors  : [0]
 [_] CVSS2 / CVSS3  : [ 7.2 / 7.8 ]

 [_] Vuln Products  : [0]

[ CVE Malware Family Info : None ]

[ CVE Chatter Info : 1 ]


[ CVE Description ]
 [*] CVE_ID : CVE-2021-21105
 [_] Desc   : Adobe Illustrator could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption error. By persuading a victim to open a specially-crafted document, a remote attacker could exploit this vulnerability to execute arbitrary code on the system with the privileges of the victim or cause the application to crash.

 [_] C:2020-12-19 / P:2021-05-11 / L:2021-05-11
 [*] Vuln Risk           : 30.59
 [*] Exploited [trend]   : 0 [holding]    [Pre_NVD]
 [_] Exploit/likehood    : False/0.0148% confidence

 [*] Malware sample : 0
 [*] Exploits/POC   : [0]
 [_] Fixes          : [1]
 [_] Threat Actors  : [0]
 [_] CVSS2 / CVSS3  : [ 7.2 / 7.8 ]

 [_] Vuln Products  : [0]

[ CVE Malware Family Info : None ]

[ CVE Chatter Info : 2 ]


[ CVE Description ]
 [*] CVE_ID : CVE-2021-28561
 [_] Desc   : Adobe Acrobat and Adobe Reader are vulnerable to a buffer overflow. By persuading a victim to open a specially-crafted document, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.

 [_] C:2021-03-16 / P:2021-05-11 / L:2021-05-11
 [*] Vuln Risk           : 22.4327
 [*] Exploited [trend]   : 0 [holding]
 [_] Exploit/likehood    : False/3.4434% confidence

 [*] Malware sample : 0
 [*] Exploits/POC   : [0]
 [_] Fixes          : [2]
 [_] Threat Actors  : [0]
 [_] CVSS2 / CVSS3  : [ 7.2 / 7.8 ]

 [_] Vuln Products  : [0]

[ CVE Malware Family Info : None ]

[ CVE Chatter Info : None ]


[ CVE Description ]
 [*] CVE_ID : CVE-2021-28553
 [_] Desc   : Adobe Acrobat and Adobe Reader could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free error. By persuading a victim to open a specially-crafted document, a remote attacker could exploit this vulnerability to execute arbitrary code on the system with the privileges of the victim or cause the application to crash.

 [_] C:2021-03-16 / P:2021-05-11 / L:2021-05-11
 [*] Vuln Risk           : 22.4327
 [*] Exploited [trend]   : 0 [holding]
 [_] Exploit/likehood    : False/0.0613% confidence

 [*] Malware sample : 0
 [*] Exploits/POC   : [0]
 [_] Fixes          : [2]
 [_] Threat Actors  : [0]
 [_] CVSS2 / CVSS3  : [ 7.2 / 7.8 ]

 [_] Vuln Products  : [0]

[ CVE Malware Family Info : None ]

[ CVE Chatter Info : 0 ]


[ CVE Description ]
 [*] CVE_ID : CVE-2021-28560
 [_] Desc   : Adobe Acrobat and Adobe Reader are vulnerable to a heap-based buffer overflow. By persuading a victim to open a specially-crafted document, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.

 [_] C:2021-03-16 / P:2021-05-11 / L:2021-05-11
 [*] Vuln Risk           : 22.4327
 [*] Exploited [trend]   : 0 [holding]
 [_] Exploit/likehood    : False/1.4553% confidence

 [*] Malware sample : 0
 [*] Exploits/POC   : [0]
 [_] Fixes          : [2]
 [_] Threat Actors  : [0]
 [_] CVSS2 / CVSS3  : [ 7.2 / 7.8 ]

 [_] Vuln Products  : [0]

[ CVE Malware Family Info : None ]

[ CVE Chatter Info : 0 ]


[ CVE Description ]
 [*] CVE_ID : CVE-2021-28558
 [_] Desc   : Adobe Acrobat and Adobe Reader are vulnerable to a heap-based buffer overflow. By persuading a victim to open a specially-crafted document, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.

 [_] C:2021-03-16 / P:2021-05-11 / L:2021-05-11
 [*] Vuln Risk           : 22.4327
 [*] Exploited [trend]   : 0 [holding]
 [_] Exploit/likehood    : False/1.4553% confidence

 [*] Malware sample : 0
 [*] Exploits/POC   : [0]
 [_] Fixes          : [2]
 [_] Threat Actors  : [0]
 [_] CVSS2 / CVSS3  : [ 7.2 / 7.8 ]

 [_] Vuln Products  : [0]

[ CVE Malware Family Info : None ]

[ CVE Chatter Info : 0 ]


[ CVE Description ]
 [*] CVE_ID : CVE-2021-28557
 [_] Desc   : Adobe Acrobat and Adobe Reader could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read. By persuading a victim to open a specially-crafted document, a remote attacker could exploit this vulnerability to leak memory.

 [_] C:2021-03-16 / P:2021-05-11 / L:2021-05-11
 [*] Vuln Risk           : 18.354
 [*] Exploited [trend]   : 0 [holding]
 [_] Exploit/likehood    : False/0.0449% confidence

 [*] Malware sample : 0
 [*] Exploits/POC   : [0]
 [_] Fixes          : [2]
 [_] Threat Actors  : [0]
 [_] CVSS2 / CVSS3  : [ 4.9 / 5.5 ]

 [_] Vuln Products  : [0]

[ CVE Malware Family Info : None ]

[ CVE Chatter Info : None ]


[ CVE Description ]
 [*] CVE_ID : CVE-2021-28555
 [_] Desc   : Adobe Acrobat and Adobe Reader could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read. By persuading a victim to open a specially-crafted document, a remote attacker could exploit this vulnerability to obtain sensitive information.

 [_] C:2021-03-16 / P:2021-05-11 / L:2021-05-11
 [*] Vuln Risk           : 18.354
 [*] Exploited [trend]   : 0 [holding]
 [_] Exploit/likehood    : False/0.0948% confidence

 [*] Malware sample : 0
 [*] Exploits/POC   : [0]
 [_] Fixes          : [2]
 [_] Threat Actors  : [0]
 [_] CVSS2 / CVSS3  : [ 4.9 / 5.5 ]

 [_] Vuln Products  : [0]

[ CVE Malware Family Info : None ]

[ CVE Chatter Info : None ]


[ CVE Description ]
 [*] CVE_ID : CVE-2021-28565
 [_] Desc   : Adobe Acrobat and Adobe Reader could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds read error. By persuading a victim to open a specially-crafted document, a remote attacker could exploit this vulnerability to execute arbitrary code on the system with the privileges of the victim or cause the application to crash.

 [_] C:2021-03-16 / P:2021-05-11 / L:2021-05-11
 [*] Vuln Risk           : 22.4327
 [*] Exploited [trend]   : 0 [holding]
 [_] Exploit/likehood    : False/0.0408% confidence

 [*] Malware sample : 0
 [*] Exploits/POC   : [0]
 [_] Fixes          : [2]
 [_] Threat Actors  : [0]
 [_] CVSS2 / CVSS3  : [ 7.2 / 7.8 ]

 [_] Vuln Products  : [0]

[ CVE Malware Family Info : None ]

[ CVE Chatter Info : 0 ]


[ CVE Description ]
 [*] CVE_ID : CVE-2021-28564
 [_] Desc   : Adobe Acrobat and Adobe Reader could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds write error. By persuading a victim to open a specially-crafted document, a remote attacker could exploit this vulnerability to execute arbitrary code on the system with the privileges of the victim or cause the application to crash.

 [_] C:2021-03-16 / P:2021-05-11 / L:2021-05-11
 [*] Vuln Risk           : 22.4327
 [*] Exploited [trend]   : 0 [holding]
 [_] Exploit/likehood    : False/0.0317% confidence

 [*] Malware sample : 0
 [*] Exploits/POC   : [0]
 [_] Fixes          : [2]
 [_] Threat Actors  : [0]
 [_] CVSS2 / CVSS3  : [ 7.2 / 7.8 ]

 [_] Vuln Products  : [0]

[ CVE Malware Family Info : None ]

[ CVE Chatter Info : None ]


[ CVE Description ]
 [*] CVE_ID : CVE-2021-21044
 [_] Desc   : Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an Out-of-bounds Write vulnerability when parsing a crafted jpeg file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

 [_] C:2020-12-19 / P:2021-02-11 / L:2021-02-14
 [*] Vuln Risk           : 36.5762
 [*] Exploited [trend]   : 0 [holding]  [RCE]
 [_] Exploit/likehood    : False/11.8917% confidence

 [*] Malware sample : 0
 [*] Exploits/POC   : [0]
 [_] Fixes          : [3]
 [_] Threat Actors  : [0]
 [_] CVSS2 / CVSS3  : [ 9.3 / 7.8 ]

 [_] Vuln Products  : [4]

[ CVE Malware Family Info : None ]

[ CVE Chatter Info : None ]


[ CVE Description ]
 [*] CVE_ID : CVE-2021-21038
 [_] Desc   : Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an Out-of-bounds Write vulnerability when parsing a crafted jpeg file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

 [_] C:2020-12-19 / P:2021-02-11 / L:2021-02-12
 [*] Vuln Risk           : 32.4994
 [*] Exploited [trend]   : 0 [holding]  [RCE]
 [_] Exploit/likehood    : False/8.2756% confidence

 [*] Malware sample : 0
 [*] Exploits/POC   : [0]
 [_] Fixes          : [3]
 [_] Threat Actors  : [0]
 [_] CVSS2 / CVSS3  : [ 6.8 / 7.8 ]

 [_] Vuln Products  : [4]

[ CVE Malware Family Info : None ]

[ CVE Chatter Info : None ]


[ CVE Description ]
 [*] CVE_ID : CVE-2021-21086
 [_] Desc   : ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.

 [_] C:2020-12-19 / P:None / L:None
 [*] Vuln Risk           : 27.5
 [*] Exploited [trend]   : 0 [holding]
 [_] Exploit/likehood    : False/None

 [*] Malware sample : 0
 [*] Exploits/POC   : [0]
 [_] Fixes          : [3]
 [_] Threat Actors  : [0]
 [_] CVSS2 / CVSS3  : [ None / None ]

 [_] Vuln Products  : [0]

[ CVE Malware Family Info : None ]

[ CVE Chatter Info : None ]


[ CVE Description ]
 [*] CVE_ID : CVE-2021-28559
 [_] Desc   : Adobe Acrobat and Adobe Reader could allow a remote attacker to obtain sensitive information, caused by the exposure of private information. By persuading a victim to open a specially-crafted document, a remote attacker could exploit this vulnerability to obtain sensitive information and gain elevated privileges on the system.

 [_] C:2021-03-16 / P:2021-05-11 / L:2021-05-11
 [*] Vuln Risk           : 18.354
 [*] Exploited [trend]   : 0 [holding]
 [_] Exploit/likehood    : False/0.1838% confidence

 [*] Malware sample : 0
 [*] Exploits/POC   : [0]
 [_] Fixes          : [2]
 [_] Threat Actors  : [0]
 [_] CVSS2 / CVSS3  : [ 4.9 / 5.5 ]

 [_] Vuln Products  : [0]

[ CVE Malware Family Info : None ]

[ CVE Chatter Info : 0 ]

[ High_Profile_Vulnerability ]
 [!!!]   CVE-2021-28550 (22.4327) : []
 [!!!]   CVE-2021-21101 (20.3933) : []
 [!!!]   CVE-2021-21102 (20.3933) : []
 [!!!]   CVE-2021-21103 (20.3933) : []
 [!!!]   CVE-2021-21104 (30.59) : []
 [!!!]   CVE-2021-21105 (30.59) : []
 [!!!]   CVE-2021-28561 (22.4327) : []
 [!!!]   CVE-2021-28553 (22.4327) : []
 [!!!]   CVE-2021-28560 (22.4327) : []
 [!!!]   CVE-2021-28558 (22.4327) : []
 [!!!]   CVE-2021-28557 (18.354) : []
 [!!!]   CVE-2021-28555 (18.354) : []
 [!!!]   CVE-2021-28565 (22.4327) : []
 [!!!]   CVE-2021-28564 (22.4327) : []
 [!!!]   CVE-2021-21044 (36.5762) : []
 [!!!]   CVE-2021-21038 (32.4994) : []
 [!!!]   CVE-2021-21086 (27.5) : []
 [!!!]   CVE-2021-28559 (18.354) : []


 ** [5] threads completed [54 tasks] / [42.89 KB] within [83.40 sec].

Links:

  • https://thehackernews.com/2021/05/alert-hackers-exploit-adobe-reader-0.html