CVE-2021-40790

Name of the Vulnerable Software and Affected Versions Adobe Premiere Pro versions 22.0 (and earlier) and 15.4.2 (and earlier)

Description The issue is related to an Use-After-Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction, where a victim must open a malicious file, potentially a specially crafted MOV file. This could allow a remote attacker to elevate their privileges and gain unauthorized access to protected information.

Recommendations For Adobe Premiere Pro versions 22.0 (and earlier) and 15.4.2 (and earlier), avoid opening malicious or untrusted files, especially MOV files, until a patch is available. As a temporary workaround, consider restricting access to files from untrusted sources to minimize the risk of exploitation.