Products

Solutions

Company

CVE-2021-35982 : Vulnerability Insights and Analysis

Learn about CVE-2021-35982 affecting Adobe Acrobat Reader DC. Understand the impact, technical details, and mitigation steps for this Uncontrolled Search Path Element vulnerability.

Adobe Reader DC Windows Installer Uncontrolled Search Path element could lead to Arbitrary Code Execution.

Understanding CVE-2021-35982

Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier), and 2017.011.30199 (and earlier) are affected by an Uncontrolled Search Path Element vulnerability. A local attacker with non-administrative privileges can plant a malicious DLL to achieve arbitrary code execution in the context of the current user via DLL hijacking. Exploitation of this issue requires user interaction.

What is CVE-2021-35982?

CVE-2021-35982 is a vulnerability in Adobe Acrobat Reader DC that allows a local attacker to gain arbitrary code execution privileges by exploiting an Uncontrolled Search Path Element vulnerability.

The Impact of CVE-2021-35982

This vulnerability has a CVSS base score of 7.3, indicating a high severity level. It can result in high confidentiality, integrity, and availability impacts, requiring low privileges and user interaction for exploitation.

Technical Details of CVE-2021-35982

The vulnerability arises from an Uncontrolled Search Path Element weakness in Acrobat Reader DC, affecting versions 2021.005.20060, 2020.004.30006, and 2017.011.30199 or earlier.

Vulnerability Description

An attacker with non-administrative privileges can insert a malicious DLL to execute arbitrary code via DLL hijacking.

Affected Systems and Versions

Acrobat Reader DC versions 2021.005.20060, 2020.004.30006, and 2017.011.30199 (and earlier) are impacted.

Exploitation Mechanism

Successful exploitation of CVE-2021-35982 involves planting a malicious DLL and requires user interaction.

Mitigation and Prevention

To safeguard systems from CVE-2021-35982, take immediate steps and adopt long-term security practices.

Immediate Steps to Take

Implement security patches, restrict DLL loading, and educate users on safe browsing practices.

Long-Term Security Practices

Regularly update Acrobat Reader DC, employ endpoint protection, and conduct security awareness training.

Patching and Updates

Refer to vendor security advisories for patch availability and apply updates promptly.

CVE-2021-35982 : Vulnerability Insights and Analysis

Understanding CVE-2021-35982

What is CVE-2021-35982?

The Impact of CVE-2021-35982

Technical Details of CVE-2021-35982

Vulnerability Description

Affected Systems and Versions

Exploitation Mechanism

Mitigation and Prevention

Immediate Steps to Take

Long-Term Security Practices

Patching and Updates

Popular CVEs

CVE Id

Published Date

Is your System Free of Underlying Vulnerabilities?
Find Out Now

CVE-2021-35982 : Vulnerability Insights and Analysis

.css-13d6ni4{margin:0;font-family:Inter;font-weight:400;font-size:1.2857142857142858rem;line-height:1.5;color:#01130E;text-align:left;font-size:24px;font-weight:700;margin-top:1rem;font-family:sans-serif;}Understanding CVE-2021-35982

.css-1n791fa{margin:0;font-family:Inter;font-weight:400;font-size:1.2857142857142858rem;line-height:1.5;color:#01130E;text-align:left;font-size:1.2rem;font-weight:700;margin-top:1rem;margin-bottom:0rem;font-family:sans-serif;}What is CVE-2021-35982?

The Impact of CVE-2021-35982

Technical Details of CVE-2021-35982

Vulnerability Description

Affected Systems and Versions

Exploitation Mechanism

Mitigation and Prevention

Immediate Steps to Take

Long-Term Security Practices

Patching and Updates

Popular CVEs

CVE Id

Published Date

Is your System Free of Underlying Vulnerabilities? Find Out Now

Understanding CVE-2021-35982

What is CVE-2021-35982?

Is your System Free of Underlying Vulnerabilities?
Find Out Now