CVE-2021-40701

Name of the Vulnerable Software and Affected Versions Adobe Premiere Elements versions 2021.2235820 and earlier

Description The issue is related to a memory corruption vulnerability due to insecure handling of a malicious m4a file. This could potentially result in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. The vulnerability is also described as a buffer overflow in memory, which can be exploited by a specially crafted file.

Recommendations For Adobe Premiere Elements versions 2021.2235820 and earlier, consider avoiding the use of malicious m4a files until a patch is available. As a temporary workaround, restrict the handling of m4a files in the software to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.