CVE-2021-44739 : Exploit Details and Defense Strategies

Learn about CVE-2021-44739 affecting Adobe Acrobat Reader DC. Discover the impact, affected versions, exploitation mechanism, and mitigation steps to secure your systems.

Adobe Acrobat Reader DC add-on (AxAcroPDFLib.AxAcroPDF) src NTLMv2 Single Sign-On Authorization leak vulnerability.

Understanding CVE-2021-44739

What is CVE-2021-44739?

Acrobat Reader DC ActiveX Control versions 21.007.20099 (and earlier), 20.004.30017 (and earlier), and 17.011.30204 (and earlier) have an Information Disclosure vulnerability. An attacker could exploit this to obtain NTLMv2 credentials. Exploitation requires user interaction.

The Impact of CVE-2021-44739

The vulnerability's CVSS base score is 3.1 out of 10, indicating a low-severity issue: exploitation has high attack complexity and requires user interaction.

Technical Details of CVE-2021-44739

Vulnerability Description

        Affected versions of Acrobat Reader allow unauthorized access to NTLMv2 credentials
        Exploitation requires user interaction, via a malicious Office file or a website visit

Affected Systems and Versions

        Adobe Acrobat Reader DC versions 21.007.20099 (and earlier), 20.004.30017 (and earlier), and 17.011.30204 (and earlier)
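
The three "and earlier" thresholds apply to separate release tracks, so an inventory check has to pick the right threshold for each installed version before comparing. The following is an added example, not code from Adobe or from this page; the function names and inventory rows are hypothetical, and it assumes that the track can be read from the build number (3xxxx for Classic, 2xxxx for Continuous), a convention inferred from the three version numbers listed above.

```python
import re

# Last affected build per release track, from the version list above.
LAST_AFFECTED = {
    "continuous": (21, 7, 20099),
    "classic-2020": (20, 4, 30017),
    "classic-2017": (17, 11, 30204),
}

def parse(text):
    """Return (major, minor, build) or None for an unparseable string."""
    m = re.fullmatch(r"(\d+)\.(\d+)\.(\d+)", text.strip())
    return tuple(int(g) for g in m.groups()) if m else None

def track_of(version):
    """Assumption: 3xxxx builds are a Classic track, 2xxxx builds Continuous."""
    major, _minor, build = version
    if 30000 <= build < 40000:
        return {20: "classic-2020", 17: "classic-2017"}.get(major)
    if 20000 <= build < 30000:
        return "continuous"
    return None

def classify(text):
    """'affected', 'not affected', or 'unknown' (track not covered by the page)."""
    version = parse(text)
    track = track_of(version) if version else None
    if track is None:
        return "unknown"
    return "affected" if version <= LAST_AFFECTED[track] else "not affected"

# Constructed inventory rows (host, reported version); not real data.
INVENTORY = [
    ("ws-01", "21.007.20099"),
    ("ws-02", "20.013.20074"),  # 2xxxx build: Continuous despite major 20
    ("ws-03", "20.004.30020"),
    ("ws-04", "17.011.30204"),
    ("ws-05", "15.006.30527"),  # Classic track the page does not list
    ("ws-06", "not installed"),
]

def triage(rows):
    return {host: classify(version) for host, version in rows}

if __name__ == "__main__":
    for host, verdict in triage(INVENTORY).items():
        print(f"{host}: {verdict}")
```

Hosts reported as "unknown" need manual review rather than being treated as safe.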

Exploitation Mechanism

        Attacker prompts victim to open a crafted file or visit a controlled webpage

Mitigation and Prevention

Immediate Steps to Take

        Avoid opening files from untrusted sources
        Update Acrobat Reader to the latest version

Long-Term Security Practices

        Educate users on safe browsing habits
        Implement network security measures
        Monitor and restrict ActiveX controls

Patching and Updates

        Adobe released security updates to address this vulnerability
