Adobe Security Bulletin

Security Updates Available for Adobe Framemaker | APSB21-45

Bulletin ID

Date Published

Priority

APSB21-45

July 13, 2021    

3

Summary

Adobe has released a security update for Adobe Framemaker. This update addresses a critical vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.             

Affected Versions

Product

Version

Platform

Adobe Framemaker

2019 Update 8 and earlier

Windows

Adobe Framemaker

2020 Release Update 1 and earlier    

Windows

Solution

Adobe categorizes these updates with the following priority ratings and recommends users update their installation to the newest version:

Product

Version

Platform

Priority

Availability

Adobe Framemaker

2019 Release Update 8
(hotfix)

Windows

3

Adobe Framemaker

2020 Release Update 2

Windows

3

Vulnerability details

Vulnerability Category

Vulnerability Impact

Severity

CVSS base score 

CVE Numbers

Out-of-bounds Write

(CWE-787)

Arbitrary code execution

Critical

7.8

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CVE-2021-28596

Acknowledgments

Adobe would like to thank Tran Van Khang - khangkito (VinCSS) working with Trend Micro Zero Day Initiative for reporting the relevant issues and for working with Adobe to help protect our customers.      


For more information, visit https://helpx.adobe.com/security.html , or email PSIRT@adobe.com

 Adobe

Get help faster and easier

New user?

Adobe MAX 2024

Adobe MAX
The Creativity Conference

Oct 14–16 Miami Beach and online

Adobe MAX

The Creativity Conference

Oct 14–16 Miami Beach and online

Adobe MAX 2024

Adobe MAX
The Creativity Conference

Oct 14–16 Miami Beach and online

Adobe MAX

The Creativity Conference

Oct 14–16 Miami Beach and online