Memory Corruption Vulnerability in Adobe Media Encoder 15.4 and Earlier: Arbitrary Code Execution via Malicious M4A File

CVE-2021-46817 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Adobe Media Encoder version 15.4 (and earlier) are affected by a memory corruption vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious M4A file.

Learn more about our User Device Pen Test.