CVE-2021-40794 – Adobe Premiere Pro versions 15.4.1 and earlier ... (How to Fix)

Q: What is the severity of CVE-2021-40794?

CVE-2021-40794 has a CVSS score of 7.8 (HIGH). Adobe Premiere Pro versions 15.4.1 and earlier contain a memory corruption vulnerability when processing malicious files. This could allow attackers to execute arbitrary code with the privileges of the current user. Users who open untrusted project files are at risk.

📋 TL;DR

Adobe Premiere Pro versions 15.4.1 and earlier contain a memory corruption vulnerability when processing malicious files. This could allow attackers to execute arbitrary code with the privileges of the current user. Users who open untrusted project files are at risk.

💻 Affected Systems

Products:

Adobe Premiere Pro

Versions: 15.4.1 and earlier

Operating Systems: Windows, macOS

Default Config Vulnerable: ⚠️ Yes

Notes: All default installations of affected versions are vulnerable. User interaction (opening malicious file) is required.

📦 What is this software?

Premiere Pro by Adobe

View all CVEs affecting Premiere Pro →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Full system compromise via arbitrary code execution leading to data theft, ransomware deployment, or persistent backdoor installation.

🟠

Likely Case

Local privilege escalation leading to user account compromise and potential lateral movement within the network.

🟢

If Mitigated

Limited impact if user runs with minimal privileges and file execution is blocked by security controls.

🌐 Internet-Facing: LOW

🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Exploitation requires user to open a malicious file. No public exploit code is known.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 15.4.2 or later

Vendor Advisory: https://helpx.adobe.com/security/products/premiere_pro/apsb21-100.html

Restart Required: Yes

Instructions:

1. Open Adobe Creative Cloud application. 2. Navigate to 'Apps' tab. 3. Find Premiere Pro and click 'Update'. 4. Restart Premiere Pro after update completes.

🔧 Temporary Workarounds

Restrict file opening

all

Configure Premiere Pro to only open trusted project files from known sources.

Run with reduced privileges

all

Run Premiere Pro with standard user privileges instead of administrator rights.

🧯 If You Can't Patch

Implement application whitelisting to block execution of malicious files
Use network segmentation to isolate Premiere Pro workstations from critical systems

🔍 How to Verify

Check if Vulnerable:

Check Premiere Pro version via Help > About Premiere Pro. If version is 15.4.1 or earlier, system is vulnerable.

Check Version:

On Windows: wmic product where name="Adobe Premiere Pro" get version
On macOS: /Applications/Adobe\ Premiere\ Pro\ */Adobe\ Premiere\ Pro.app/Contents/Info.plist

Verify Fix Applied:

Verify version is 15.4.2 or later in Help > About Premiere Pro.

📡 Detection & Monitoring

Log Indicators:

Premiere Pro crash logs with memory access violations
Unexpected child processes spawned from Premiere Pro

Network Indicators:

Unusual outbound connections from Premiere Pro process

SIEM Query:

process_name:"Adobe Premiere Pro.exe" AND (event_type:crash OR child_process_count > 3)

📊 Metadata

CVE ID: CVE-2021-40794

CVSS v3 Score: 7.8 (HIGH)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE: CWE-788

Published: March 16, 2022

Last Updated: November 21, 2024

🔗 References

https://helpx.adobe.com/security/products/premiere_pro/apsb21-100.html Patch,Vendor Advisory
https://helpx.adobe.com/security/products/premiere_pro/apsb21-100.html Patch,Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2021-40794, you might also want to check these: