Intrusion PreventionAdobe.Reader.CVE-2021-21045.Privilege.Elevation
Description
This indicates an attack attempt to exploit a Security Bypass vulnerability in Adobe Acrobat Reader.
The vulnerability is due to the vulnerable software fails to properly set ACLs on its installation directory. An attacker may be able to exploit this to escalate their privileges on vulnerable systems.
Affected Products
Adobe Acrobat DC Continuous for Windows 2017.011.30161
Adobe Acrobat DC Continuous for Macintosh 2017.011.30161
Adobe Acrobat Reader DC Continuous for Windows 2017.011.30161
Adobe Acrobat Reader DC Continuous for Macintosh 2017.011.30161
Adobe Acrobat DC Classic for Windows 2015.006.30512
Adobe Acrobat DC Classic for Macintosh 2015.006.30512
Adobe Acrobat Reader DC Classic for Windows 2015.006.30512
Adobe Acrobat Reader DC Classic for Macintosh 2015.006.30512
Impact
Privilege Escalation: Remote attackers can leverage their privilege on the vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://helpx.adobe.com/security/products/acrobat/apsb21-09.html
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
| ID | 49835 |
| Created | Feb 16, 2021 |
| Updated | Oct 20, 2021 |
| Risk |
|
| CVE ID | CVE-2021-21045 |
| Exploit Prediction Score | 0.06% |
| Default Action | drop |
| Active | |
| Affected OS | Windows, MacOS |
| Affected App | Adobe |