CVE-2021-36054

Name of the Vulnerable Software and Affected Versions XMP Toolkit SDK versions 2020.1 and earlier

Description The issue is related to a buffer overflow in dynamic memory, potentially allowing an attacker to access protected information or cause a denial of service. Exploitation requires user interaction, where a victim must open a crafted file, and can result in local application denial of service in the context of the current user.

Recommendations For XMP Toolkit SDK versions 2020.1 and earlier, consider disabling the ability to open crafted files until a patch is available. Restrict user interaction with potentially malicious files to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.