What is CVE-2021-21045?

CVE-2021-21045 is a high-severity vulnerability in Adobe Acrobat Reader, classified under Improper Access Control. CVSS score: 8.2/10. Published 2021-02-11.

How severe is CVE-2021-21045?

High severity. CVSS v3 base score is 8.2 out of 10.

Is CVE-2021-21045 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Adobe Acrobat Reader

CVE-2021-21045

Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an improper access control vulnerability. An unauthenticated attacker could leverage this vulne…

EPSS: 0.009 (76.7th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.2 (High). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H.

Affected products

Adobe Acrobat Reader — versions unspecified

Weakness classification (CWE)

CWE-284 — Improper Access Control

Public proof-of-concept exploits

Live-Hack-CVE/CVE-2021-21045

References

helpx.adobe.com/security/products/acrobat/apsb21-09.html (x_refsource_MISC)

Frequently asked questions

What is CVE-2021-21045?: CVE-2021-21045 is a high-severity vulnerability in Adobe Acrobat Reader, classified under Improper Access Control. CVSS score: 8.2/10. Published 2021-02-11.
How severe is CVE-2021-21045?: High severity. CVSS v3 base score is 8.2 out of 10.
Is CVE-2021-21045 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.