Headline
CVE-2021-43753: Adobe Security Bulletin
Adobe Lightroom versions 4.4 (and earlier) are affected by a use-after-free vulnerability in the processing of parsing TIF files that could result in privilege escalation. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Security Updates Available for Adobe Lightroom | APSB21-119
Bulletin ID
Date Published
Priority
ASPB21-119
December 14, 2021
3
Summary
Adobe has released updates for Adobe Lightroom for Windows and macOS. This update addresses an Important vulnerability. Successful exploitation could lead to privilege escalation
in the context of the current user.
Affected Versions
Product
Version
Platform
Lightroom
4.4 and earlier versions
Windows
Solution
Adobe categorizes these updates with the following priority ratings and recommends users update their installation to the newest version via the Creative Cloud desktop app’s update mechanism. For more information, please reference this help page.
Product
Version
Platform
Priority Rating
Availability
Lightroom
5.1
Windows and macOS
3
Download Center
For managed environments, IT administrators can use the Admin Console to deploy Creative Cloud applications to end users. Refer to this help page for more information.
Vulnerability details
Vulnerability Category
Vulnerability Impact
Severity
CVE Numbers
Use After Free (CWE-416)
Privilege escalation
Important
CVE-2021-43753
Acknowledgments
Adobe would like to thank Mat Powell of Trend Micro Zero Day Initiative
for reporting this issue and for working with Adobe to help protect our customers.
- Mat Powell of Trend Micro Zero Day Initiative – CVE-2021-43753