Adobe has released security updates providing fixes for 34 critical vulnerabilities in Adobe Acrobat and Reader, Premiere Pro, InCopy, etc. A total of 52 security vulnerabilities have been patched in this release. Most of these vulnerabilities could lead to arbitrary code execution on successful exploitation. These flaws affect Windows and macOS.
There are no reports of any of the above vulnerabilities being actively exploited.
Adobe Acrobat and Reader received fixes for 13 critical vulnerabilities. Adobe Premiere Pro, InCopy, ColdFusion and, Digital Editions received fixes for two critical vulnerabilities each. Adobe InDesign received fixes for three critical vulnerabilities. Adobe Premiere Elements received fixes for four critical vulnerabilities. Adobe SVG-Native-Viewer, Creative Cloud Desktop Application, Photoshop, Photoshop Elements, Genuine Service, and Experience Manager received fixes for one critical vulnerability each.
Adobe Security Bulletin Summary for September 2021
Product: Adobe Acrobat and Reader
Advisory/CVEs: APSB21-55, CVE-2021-35982, CVE-2021-39836, CVE-2021-39837, CVE-2021-39838, CVE-2021-39839, CVE-2021-39840, CVE-2021-39841, CVE-2021-39842, CVE-2021-39843, CVE-2021-39844, CVE-2021-39845, CVE-2021-39846, CVE-2021-39849, CVE-2021-39850, CVE-2021-39851, CVE-2021-39852, CVE-2021-39853, CVE-2021-39854, CVE-2021-39855, CVE-2021-39856, CVE-2021-39857, CVE-2021-39858, CVE-2021-39859, CVE-2021-39860, CVE-2021-39861, CVE-2021-39863
Impact: Arbitrary code execution, Arbitrary file system read, Memory leak, Application denial-of-service
Product: Adobe Digital Editions
Advisory/CVEs: APSB21-80, CVE-2021-39826, CVE-2021-39827, CVE-2021-39828
Impact: Arbitrary code execution, Arbitrary file system write, Privilege Escalation
Product: Adobe Experience Manager
Advisory/CVEs: APSB21-82, CVE-2021-40711, CVE-2021-40712, CVE-2021-40713, CVE-2021-40714
Impact: Arbitrary code execution, Application denial-of-service, Security feature bypass