CVE-2021-44702 : Vulnerability Insights and Analysis
Learn about CVE-2021-44702 impacting Acrobat Reader. Discover how attackers exploit an NTLMv2 SSO Auth leak vulnerability in Adobe Acrobat Reader DC ActiveX Control versions.
Adobe Acrobat Reader DC add-on for Internet Explorer has an NTLMv2 SSO Auth leak vulnerability that allows attackers to disclose information.
Understanding CVE-2021-44702
This CVE involves an Information Disclosure vulnerability in Adobe Acrobat Reader DC ActiveX Control.
What is CVE-2021-44702?
- Acrobat Reader versions 21.007.20099, 20.004.30017, and 17.011.30204 are impacted
- Attackers can exploit to obtain NTLMv2 credentials
The Impact of CVE-2021-44702
- Attack Complexity: High
- Attack Vector: Network
- Base Score: 3.1 (Low Severity)
- Exploitation requires user interaction
Technical Details of CVE-2021-44702
This section outlines specific technical aspects of the vulnerability.
Vulnerability Description
- Vulnerability: Information Disclosure
- Unauthenticated attacker exploit
- Requires victim interaction on controlled web page
Affected Systems and Versions
- Acrobat Reader versions: 21.007.20099, 20.004.30017, 17.011.30204
- Vendor: Adobe
Exploitation Mechanism
- Attacker-controlled web page exploitation
- Acquisition of NTLMv2 credentials
Mitigation and Prevention
Measures to secure systems against CVE-2021-44702.
Immediate Steps to Take
- Update Acrobat Reader to the latest version
- Exercise caution when visiting unknown websites
- Employ network security controls
- Monitor for unauthorized access
Long-Term Security Practices
- Regularly update software and security patches
- Conduct security awareness training
- Implement strong password policies
Patching and Updates
- Refer to the Adobe security advisory for patch details