What is CVE-2021-39826?

CVE-2021-39826 is a high-severity vulnerability in Adobe Digital Editions, classified under OS Command Injection. CVSS score: 8.6/10. Published 2021-09-27.

How severe is CVE-2021-39826?

High severity. CVSS v3 base score is 8.6 out of 10.

RCE in Adobe Digital Editions

CVE-2021-39826

Adobe Digital Editions 4.5.11.187646 (and earlier) are affected by an arbitrary command execution vulnerability. An authenticated attacker could leverage this vulnerability to execute arbitrary commands. User interaction is required to abu…

Vulnerability class: Command Injection (OS Command Injection)

EPSS: 0.029 (86.5th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.6 (High). Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H.

Affected products

Adobe Digital Editions — versions unspecified

Weakness classification (CWE)

CWE-78 — OS Command Injection

References

helpx.adobe.com/security/products/Digital-Editions/apsb21-80.html (x_refsource_MISC)

Frequently asked questions

What is CVE-2021-39826?: CVE-2021-39826 is a high-severity vulnerability in Adobe Digital Editions, classified under OS Command Injection. CVSS score: 8.6/10. Published 2021-09-27.
How severe is CVE-2021-39826?: High severity. CVSS v3 base score is 8.6 out of 10.