CVE-2021-39855 : What You Need to Know
Learn about CVE-2021-39855, an Information Disclosure vulnerability in Adobe Acrobat Reader DC ActiveX Control versions, enabling attackers to obtain NTLMv2 credentials. Understand the impact, technical details, and mitigation steps.
Adobe Acrobat Reader DC ActiveX Control versions are affected by an Information Disclosure vulnerability that could lead to obtaining NTLMv2 credentials. This CVE was published on September 14, 2021.
Understanding CVE-2021-39855
This section provides insights into the nature and impact of the CVE-2021-39855 vulnerability.
What is CVE-2021-39855?
CVE-2021-39855 is an Information Disclosure vulnerability found in Adobe Acrobat Reader DC ActiveX Control versions. It allows an attacker to potentially acquire NTLMv2 credentials by manipulating user interactions with crafted files or websites.
The Impact of CVE-2021-39855
The impact of this vulnerability is medium severity with high confidentiality impact. Here are the details:
- CVSS Base Score: 6.5 (Medium)
- Attack Vector: Network
- Attack Complexity: Low
- User Interaction: Required
Technical Details of CVE-2021-39855
Explore the technical aspects of CVE-2021-39855 to understand its implications better.
Vulnerability Description
The vulnerability allows unauthenticated attackers to exploit the ActiveX Control versions to retrieve sensitive NTLMv2 credentials.
Affected Systems and Versions
- Acrobat Reader versions <= 2021.005.20060
- Acrobat Reader versions <= 2020.004.30006
- Acrobat Reader versions <= 2017.011.30199
- Note: The issue requires user interaction to be triggered through specific actions.
Exploitation Mechanism
The exploitation of this vulnerability necessitates a victim to open a malicious Microsoft Office file or visit an attacker's controlled webpage.
Mitigation and Prevention
Learn how to mitigate the risks associated with CVE-2021-39855 and prevent potential exploitation.
Immediate Steps to Take
- Ensure users exercise caution while opening files from untrusted sources.
- Regularly update Adobe Acrobat Reader to the latest version.
- Educate users on the risks associated with interacting with unknown files or websites.
Long-Term Security Practices
- Implement network segmentation to limit the impact of potential attacks.
- Enforce strong password policies to prevent unauthorized access.
Patching and Updates
- Stay informed about security advisories from Adobe.
- Apply security patches provided by Adobe promptly.