Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2021.1989 APSB21-47 Security update available for Adobe Premiere Elements 9 June 2021 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Adobe Premier Elements Publisher: Adobe Operating System: Windows Impact/Access: Increased Privileges -- Existing Account Create Arbitrary Files -- Existing Account Resolution: Patch/Upgrade CVE Names: CVE-2021-28623 Original Bulletin: https://helpx.adobe.com/security/products/premiere_elements/apsb21-47.html - --------------------------BEGIN INCLUDED TEXT-------------------- Security updates available for Adobe Premiere Elements | APSB21-47 Bulletin ID Date Published Priority ASPB21-47 June 08, 2021 3 Summary Adobe has released updates for Adobe Premiere Elements for Windows and macOS. This update addresses an important vulnerability. Successful exploitation could lead to privilege escalation in the context of the current user. Affected Versions Product Version Platform Adobe Premiere Elements (installer) 5.2 and earlier versions Windows Solution Adobe categorizes these updates with the following priority ratings and recommends users to download the new installer and upgrade their installations. Product Version Platform Priority Availability Adobe Premiere Elements 5.3 Windows and 3 Download (installer) macOS Center Vulnerability details Vulnerability Vulnerability CVSS Category Impact Severity base CVSS vector CVE Numbers score Creation of Temporary File in CVSS:3.1/AV:L Directory with Privilege /AC:L/PR:N/ Incorrect escalation Important 6.2 UI:N/S:U/C:N/ CVE-2021-28623 Permissions I:H/A:N ( CWE-379 ) Acknowledgments Adobe would like to thank CQY of Topsec Alpha Team (yjdfy) for reporting these issues and for working with Adobe to help protect our customers. For more information, visit https://helpx.adobe.com/security.html , or email PSIRT@adobe.com. - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBYMAl+eNLKJtyKPYoAQirYw/7B0XyJAbh3cejzvBUDMSgAK4WsGtcgSjN Gy/aZ7D2Kyp/bflYukGdhBsiLO+sDDi1rD8EC8StqeXRL0+rhoB9EU9ibqZhCAKE 1fCpZLpaTbYmprEvy5AgDBe6NCbthEiL5jEnAF87KG23+hBMoo3vT1sUAYUla6Ob OvMwnRggUv358U5yOKGXWJ1ZzuXoXNJt9uTxQpkKX+pEZbGD4APnxIy7opHru6mG Mg6hGqVrvAH9bJELyR51Jk1JpQ9lQTT1Q1xjgcPFinYclF3dNg2WKjDUKEsBTVgd ffgdkWgVMvc2+jleIaFCC2aXmC/x9fYhp3gvMWU2LM6cPuvFbWGso/ZV+ap8ivO/ NvFB0KwuJhIK8UpkDerHO+zxXHyoMv0ll55XksSmPmXLmM9acY9dT4lIo8L8Ws2i /fSs0BjvzmOeDc+oGJ0MJWlas4ZvIpyKMgQq3ZDl69SgESwa0NPMFM8DtmQOnfUE F3o+y2kQD+rlErukA+Ybf6LFtolawDrb4rKbXRxHzYGYzYzkhvMNkhWjTKSzZZmd X02/Sx0/2IM40AqEnI/Ogf4G8Br7Rp3p48rYhz2l2eNMdm1bO5WCaJkMS7HNBGqj fdXkEv5W9sl8DOijVTBMc5q66ZDHeNDZvk0pyH3eVWGHaJdGUllk2wZK5M2mwsmR VlZZswXJ8rM= =Ifcr -----END PGP SIGNATURE-----