9VSA21-00516-01 CSIRT alerta de vulnerabilidades en productos de Adobe

Resumen

El Equipo de Respuesta ante Incidentes de Seguridad Informática del Gobierno de Chile, CSIRT de Gobierno, comparte información sobre nuevas vulnerabilidades en productos de Adobe.

Este informe incluye las medidas de mitigación, consistentes en instalar la última actualización de los productos afectados.

Vulnerabilidades

CVE-2021-36070

CVE-2021-40775

CVE-2021-40710

CVE-2021-40711

CVE-2021-40712

CVE-2021-40713

CVE-2021-40714

CVE-2021-40715

CVE-2021-40718

CVE-2021-40723

CVE-2021-40725

CVE-2021-40733

CVE-2021-40734

CVE-2021-40735

CVE-2021-40736

CVE-2021-40737

CVE-2021-40738

CVE-2021-40739

CVE-2021-40740

CVE-2021-40741

CVE-2021-40742

CVE-2021-40744

CVE-2021-40745

CVE-2021-40746

CVE-2021-40750

CVE-2021-40751

CVE-2021-40752

CVE-2021-40753

CVE-2021-40754

CVE-2021-40755

CVE-2021-40757

CVE-2021-40758

CVE-2021-40759

CVE-2021-40760

CVE-2021-40761

CVE-2021-40763

CVE-2021-40764

CVE-2021-40765

CVE-2021-40770

CVE-2021-40771

CVE-2021-40772

CVE-2021-40773

CVE-2021-40774

CVE-2021-40776

CVE-2021-40777

CVE-2021-40778

CVE-2021-40779

CVE-2021-40780

CVE-2021-40785

CVE-2021-40786

CVE-2021-40787

CVE-2021-40792

CVE-2021-40793

CVE-2021-40794

CVE-2021-42266

CVE-2021-42267

CVE-2021-42268

CVE-2021-42269

CVE-2021-42270

CVE-2021-42271

CVE-2021-42272

CVE-2021-42524

CVE-2021-42526

CVE-2021-42527

CVE-2021-42529

CVE-2021-42530

CVE-2021-42531

CVE-2021-42532

CVE-2021-42533

CVE-2021-42719

CVE-2021-42720

CVE-2021-42721

CVE-2021-42722

CVE-2021-42723

CVE-2021-42724

CVE-2021-42726

CVE-2021-42728

CVE-2021-42731

CVE-2021-42732

CVE-2021-42733

CVE-2021-42735

CVE-2021-42736

CVE-2021-42737

CVE-2021-42738

CVE-2021-43011

CVE-2021-43012

Impactos

Vulnerabilidades críticas

After Effects

CVE-2021-40751

CVE-2021-40752

CVE-2021-40753

CVE-2021-40754

CVE-2021-40755

CVE-2021-40757

CVE-2021-40758

CVE-2021-40759

CVE-2021-40760

Animate

CVE-2021-40733

CVE-2021-42266

CVE-2021-42267

CVE-2021-42268

CVE-2021-42269

CVE-2021-42270

CVE-2021-42271

CVE-2021-42272

CVE-2021-42524

Audition

CVE-2021-40734

CVE-2021-40735

CVE-2021-40736

CVE-2021-40738

CVE-2021-40739

CVE-2021-40740

Bridge

CVE-2021-40750

CVE-2021-42533

CVE-2021-42722

CVE-2021-42720

CVE-2021-42719

CVE-2021-42728

CVE-2021-42724

Character Animator

CVE-2021-40763

CVE-2021-40764

CVE-2021-40765

Illustrator

CVE-2021-40718

CVE-2021-40746

InDesign

CVE-2021-42732

CVE-2021-42731

Lightroom Classic

CVE-2021-40776

Media Encoder

CVE-2021-40778

CVE-2021-40777

CVE-2021-40779

CVE-2021-40780

Photoshop

CVE-2021-42735

CVE-2021-42736

Prelude:

CVE-2021-40773

CVE-2021-42733

CVE -2021-40775

CVE-2021-42738

CVE-2021-42737

CVE-2021-40772

CVE-2021-40771

Premiere Elements

CVE-2021-40785

CVE-2021-40786

CVE-2021-40787

CVE-2021-42526

CVE-2021-42527

Premiere Pro

CVE-2021-40792

CVE-2021-40793

CVE-2021-40794

XMP Toolkit SDK

CVE-2021-42529

CVE-2021-42530

CVE-2021-42531

CVE-2021-42532

Productos Afectados

Adobe After Effects

Adobe Animate

Adobe Audition

Adobe Bridge

Adobe Character Animator

Adobe Illustrator

Adobe InDesign

Adobe Lightroom Classic

Adobe Media Encoder

Adobe Photoshop

Adobe Prelude

Adobe Premiere Elements

Adobe Premiere Pro

Adobe XMP Toolkit SDK

Mitigación

Instalar las respectivas actualizaciones entregadas por el proveedor.

Enlaces

https://helpx.adobe.com/security/Home.html

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36070

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40775

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40710

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40711

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40712

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40713

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40714

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40715

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40718

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40723

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40725

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40733

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40734

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40735

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40736

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40737

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40738

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40739

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40740

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40741

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40742

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40744

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40745

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40746

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40750

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40751

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40752

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40753

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40754

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40755

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40757

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40757

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40759

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40760

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40761

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40763

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40764

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40765

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40770

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40771

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40772

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40773

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40774

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40776

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40777

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40778

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40779

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40780

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40785

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40786

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40787

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40792

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40793

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40794

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42266

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42267

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42268

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42269

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42270

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42271

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42272

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42524

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42526

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42527

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42529

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42530

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42531

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42532

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42533

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42719

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42720

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42721

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42722

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42723

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42724

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42726

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42728

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42731

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42732

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42733

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42735

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42736

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42737

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42738

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43011

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43012

Informe

El informe oficial publicado por el CSIRT del Gobierno de Chile está disponible en el siguiente enlace: 9VSA21-00516-01.

9VSA21-00516-01 CSIRT alerta de vulnerabilidades en productos de Adobe