=====================================================================
                             CERT-Renater

                 Information Note No. 2021/VULN571
_____________________________________________________________________

DATE                : 27/10/2021

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S) : Systems running Adobe Character Animator
                      versions prior to 4.4.2, 22.0.

=====================================================================
https://helpx.adobe.com/security/products/character_animator/apsb21-95.html
_____________________________________________________________________

Last updated on Oct 26, 2021

Security Updates Available for Adobe Character Animator | APSB21-95

Bulletin ID      Date Published       Priority
APSB21-95        October 26, 2021     3

Summary

Adobe has released an update for Adobe Character Animator for Windows
and macOS. This update resolves critical, important and moderate
vulnerabilities. Successful exploitation could lead to arbitrary code
execution and file service reads, privilege escalation, and
application denial of service.

Affected Versions

Product                   Version                    Platform
Character Animator 2021   4.4 and earlier versions   Windows and macOS

Solution

Adobe categorizes these updates with the following priority ratings
and recommends users update their installation to the newest version
via the Creative Cloud desktop app's update mechanism. For more
information, please reference this help page.

Product                   Version   Platform            Priority Rating   Availability
Character Animator 2021   4.4.2     Windows and macOS   3                 Download Center
Character Animator 2022   22.0      Windows and macOS   3                 Download Center

For managed environments, IT administrators can use the Admin Console
to deploy Creative Cloud applications to end users. Refer to this help
page for more information.

Vulnerability details

Vulnerability Category : NULL Pointer Dereference (CWE-476)
Vulnerability Impact   : Application denial of service
Severity               : Important
CVSS base score        : 5.5
CVSS vector            : CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE Numbers            : CVE-2021-40762

Vulnerability Category : Access of Memory Location After End of Buffer (CWE-788)
Vulnerability Impact   : Arbitrary Code Execution
Severity               : Critical
CVSS base score        : 7.8
CVSS vector            : CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE Numbers            : CVE-2021-40763

Vulnerability Category : Access of Memory Location After End of Buffer (CWE-788)
Vulnerability Impact   : Arbitrary code execution
Severity               : Critical
CVSS base score        : 7.8
CVSS vector            : CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE Numbers            : CVE-2021-40764

Vulnerability Category : Access of Memory Location After End of Buffer (CWE-788)
Vulnerability Impact   : Arbitrary code execution
Severity               : Critical
CVSS base score        : 7.8
CVSS vector            : CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE Numbers            : CVE-2021-40765

Vulnerability Category : Out-of-bounds Read (CWE-125)
Vulnerability Impact   : Arbitrary file system read
Severity               : Moderate
CVSS base score        : 3.3
CVSS vector            : CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
CVE Numbers            : CVE-2021-40766

Vulnerability Category : Access of Memory Location After End of Buffer (CWE-788)
Vulnerability Impact   : Application denial of service
Severity               : Important
CVSS base score        : 5.5
CVSS vector            : CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE Numbers            : CVE-2021-40767

Vulnerability Category : NULL Pointer Dereference (CWE-476)
Vulnerability Impact   : Application denial of service
Severity               : Important
CVSS base score        : 5.5
CVSS vector            : CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE Numbers            : CVE-2021-40768

Vulnerability Category : Out-of-bounds Read (CWE-125)
Vulnerability Impact   : Privilege escalation
Severity               : Moderate
CVSS base score        : 4.0
CVSS vector            : CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
CVE Numbers            : CVE-2021-40769

Acknowledgments

Adobe would like to thank the following researchers for reporting
these issues and for working with Adobe to help protect our customers:

- Shape(hy350) HY350 of Topsec Alpha Team CVE-2021-40762;
  CVE-2021-40768
- (yjdfy) CQY of Topsec Alpha Team CVE-2021-40763; CVE-2021-40764;
  CVE-2021-40765; CVE-2021-40767
- Qiao Li of Baidu Security Lab working with Trend Micro Zero Day
  Initiative (CVE-2021-40769)
- Francis Provencher working with Trend Micro Zero Day Initiative
  (CVE-2021-40766)

For more information, visit https://helpx.adobe.com/security.html, or
email PSIRT@adobe.com

=========================================================
+ CERT-RENATER        | tel : 01-53-94-20-44            +
+ 23/25 Rue Daviel    | fax : 01-53-94-20-41            +
+ 75013 Paris         | email:cert@support.renater.fr   +
=========================================================