===================================================================== CERT-Renater Note d'Information No. 2021/VULN595 _____________________________________________________________________ DATE : 10/11/2021 HARDWARE PLATFORM(S): / OPERATING SYSTEM(S): Systems running Adobe RoboHelp Server versions prior to RHS2020.0.2. ===================================================================== https://helpx.adobe.com/security/products/robohelp-server/apsb21-87.html _____________________________________________________________________ Last updated on Nov 9, 2021 Security hotfix available for RoboHelp Server  | APSB21-87 Bulletin ID Date Published Priority ASPB21-87 November 9, 2021      3 Summary Adobe has released a security hotfix for RoboHelp Server. This update resolves a vulnerability rated critical. Successful exploitation could lead to arbitrary code execution in the context of the current user. Affected Versions Product Affected version Platform RoboHelp Server RHS2020.0.1 and earlier versions  Windows Solution Adobe categorizes these updates with the following priority rating and recommends users update their installation to the newest version:  Product Version Platform Priority rating Availability RoboHelp Server RHS2020.0.2 Windows 3 Release notes Vulnerability Details Vulnerability Category Vulnerability Impact Severity CVSS base score CVSS vector CVE Numbers Path Traversal (CWE-22) Arbitrary code execution Critical 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-42727 Acknowledgments Adobe would like to thank Dusan Stevanovic of Trend Micro for reporting this issue and for working with Adobe to help protect our customers.   For more information, visit https://helpx.adobe.com/security.html, or email PSIRT@adobe.com. ========================================================= + CERT-RENATER | tel : 01-53-94-20-44 + + 23/25 Rue Daviel | fax : 01-53-94-20-41 + + 75013 Paris | email:cert@support.renater.fr + =========================================================