CVE-2021-43029

Name of the Vulnerable Software and Affected Versions Adobe Premiere Rush versions 1.5.16 and earlier

Description The issue is related to a memory corruption vulnerability due to insecure handling of a malicious M4A file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. The vulnerability is also described as a buffer overflow issue when processing M4A files, which could allow an attacker to execute arbitrary code.

Recommendations For Adobe Premiere Rush versions 1.5.16 and earlier, update to a version later than 1.5.16 to resolve the issue. As a temporary workaround, consider avoiding the use of M4A files in Adobe Premiere Rush until a patch is available. Restrict user interaction with potentially malicious M4A files to minimize the risk of exploitation.