What is CVE-2021-36047?

CVE-2021-36047 is a high-severity vulnerability in Adobe Xmp Toolkit, classified under Improper Input Validation. CVSS score: 7.8/10. Published 2021-09-01.

How severe is CVE-2021-36047?

High severity. CVSS v3 base score is 7.8 out of 10.

Is CVE-2021-36047 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Improper input validation in Adobe Xmp Toolkit

CVE-2021-36047

XMP Toolkit SDK version 2020.1 (and earlier) is affected by an Improper Input Validation vulnerability potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a v…

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.005 (68.2th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.8 (High). Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H.

Affected products

Adobe Xmp Toolkit — versions unspecified

Weakness classification (CWE)

CWE-20 — Improper Input Validation

Public proof-of-concept exploits

References

Frequently asked questions

What is CVE-2021-36047?: CVE-2021-36047 is a high-severity vulnerability in Adobe Xmp Toolkit, classified under Improper Input Validation. CVSS score: 7.8/10. Published 2021-09-01.
How severe is CVE-2021-36047?: High severity. CVSS v3 base score is 7.8 out of 10.
Is CVE-2021-36047 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.