Alert GCSA-21081 - Aggiornamento di sicurezza per prodotti Adobe

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



******************************************************************

alert ID: GCSA-21081
data: 23 luglio 2021
titolo: Aggiornamenti di sicurezza per prodotti Adobe

******************************************************************

:: Descrizione del problema

Adobe ha rilasciato i seguenti aggiornamenti di sicurezza per risolvere
numerose vulnerabilita', delle quali quasi tutte di livello critico
(CVSS 8.8 e CVSS 7.8).

APSB21-43 Security update available for Adobe Media Encoder
APSB21-54 Security update available for Adobe After Effects
APSB21-56 Security update available for Adobe Premiere Pro
APSB21-58 Security update available for Adobe Prelude 
APSB21-59 Security update available for Adobe Character Animator 
APSB21-62 Security update available for Adobe Audition
APSB21-63 Security update available for Adobe Photoshop

Maggiori informazioni sono disponibili alla sezione "Riferimenti".


:: Software interessato

Adobe Media Encoder 15.2 e versioni precedenti per Windows
Adobe After Effects 18.2.1 e versioni precedenti per Windows
Adobe Premiere Pro 15.2 e versioni precedenti per Windows
Adobe Prelude 10.0 e versioni precedenti per Windows
Adobe Character Animator 4.2 e versioni precedenti per Windows
Adobe Audition 14.2 e versioni precedenti per Windows
Adobe Photoshop 21.2.9 e versioni precedenti per Windows e macOS
Adobe Photoshop 22.4.2 e versioni precedenti per Windows e macOS


:: Impatto

Esecuzione remota di codice arbitrario (RCE)
Accesso ad informazioni riservate (ID)
Manomissione (Data Manipulation)
Acquisizione di privilegi piu' elevati (EoP)


:: Soluzioni

Aggiornare i software alle ultime versioni:

Adobe Media Encoder 15.4
Adobe After Effects 18.4
Adobe Premiere Pro 15.4
Adobe Prelude 10.1
Adobe Character Animator 4.4
Adobe Audition 14.4
Adobe Photoshop 21.2.10
Adobe Photoshop 22.4.3


:: Riferimenti

Adobe Security Bulletins e Advisories
https://helpx.adobe.com/security.html
https://helpx.adobe.com/security/products/media-encoder/apsb21-43.html
https://helpx.adobe.com/security/products/after_effects/apsb21-54.html
https://helpx.adobe.com/security/products/premiere_pro/apsb21-56.html
https://helpx.adobe.com/security/products/prelude/apsb21-58.html
https://helpx.adobe.com/security/products/character_animator/apsb21-59.html
https://helpx.adobe.com/security/products/audition/apsb21-62.html
https://helpx.adobe.com/security/products/photoshop/apsb21-63.html

US-CERT
https://us-cert.cisa.gov/ncas/current-activity/2021/07/21/adobe-releases-security-updates-multiple-products

Mitre CVE
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28589
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28590
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35993
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35994
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35995
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35996
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35997
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35999
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36000
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36001
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36003
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36005
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36006
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36007
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36013
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36014
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36015
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36016
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36017
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36018
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36019




GARR CERT Security Alert - subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert




-----BEGIN PGP SIGNATURE-----

iF0EARECAB0WIQTGpdiR5MqstacBGHbBnEyTZRJgQgUCYPpwyQAKCRDBnEyTZRJg
QpNJAJ492gp1rBGaw3i77lJs3kAByEB+BwCeMx+DBZja6W1RBYY+a4o2kcgjyYY=
=jOyi
-----END PGP SIGNATURE-----