CVE-2021-43025

7.8 HIGH

📋 TL;DR

Adobe Premiere Rush versions 1.5.16 and earlier contain a memory corruption vulnerability when processing malicious SVG files. This could allow attackers to execute arbitrary code with the privileges of the current user. Users must open a malicious file to trigger the exploit.

💻 Affected Systems

Products:
  • Adobe Premiere Rush
Versions: 1.5.16 and earlier
Operating Systems: Windows, macOS
Default Config Vulnerable: ⚠️ Yes
Notes: All default installations of affected versions are vulnerable. User interaction required (opening malicious SVG file).

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete system compromise via arbitrary code execution with user privileges, potentially leading to data theft, ransomware deployment, or lateral movement.

🟠 Likely Case

Local privilege escalation or malware installation if user opens a crafted SVG file, potentially compromising the workstation.

🟢 If Mitigated

Limited impact if user doesn't open untrusted SVG files, with potential application crash but no code execution.

🌐 Internet-Facing: LOW
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires user to open malicious SVG file. No public exploit code available as of analysis.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 1.5.17 or later

Vendor Advisory: https://helpx.adobe.com/security/products/premiere_rush/apsb21-101.html

Restart Required: Yes

Instructions:

1. Open Adobe Premiere Rush.
2. Go to Help > Check for Updates.
3. Install update to version 1.5.17 or later.
4. Restart the application.

🔧 Temporary Workarounds

  • Block SVG file extensions (all platforms): Prevent opening of SVG files in Premiere Rush via file extension blocking
  • User awareness training (all platforms): Educate users not to open SVG files from untrusted sources

🧯 If You Can't Patch

  • Restrict user permissions to limit impact of code execution
  • Implement application whitelisting to prevent unauthorized executables

🔍 How to Verify

Check if Vulnerable:

Check Premiere Rush version in application (Help > About Premiere Rush). If version is 1.5.16 or earlier, system is vulnerable.

Check Version:

Not applicable - check via application GUI

Verify Fix Applied:

Confirm version is 1.5.17 or later in Help > About Premiere Rush.

📡 Detection & Monitoring

Log Indicators:

  • Application crashes when processing SVG files
  • Unusual process spawning from Premiere Rush

Network Indicators:

  • Outbound connections from Premiere Rush to unexpected destinations

SIEM Query:

Process creation where parent process contains 'Premiere Rush' AND child process is not typical for video editing
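
The query above, as an added example that is not part of the original advisory or any vendor tooling: a filter over process-creation events that flags children of Premiere Rush outside a baseline. The event field names (`ts`, `host`, `parent_image`, `image`), the baseline entries, and the sample events are assumptions constructed for illustration.

```python
import re

PARENT_MARKER = "premiere rush"  # substring taken from the page's SIEM query

# Placeholder baseline (assumption): replace with the child image names you
# actually observe during normal editing sessions in your own telemetry.
EXPECTED_CHILDREN = {"expected-helper.exe", "expected-helper"}


def image_name(path):
    """Return the lower-cased file name from a Windows or POSIX image path."""
    return re.split(r"[\\/]", path.strip())[-1].lower()


def is_suspicious(event):
    """True when a Premiere Rush parent spawns a child outside the baseline."""
    parent = event.get("parent_image", "")
    child = event.get("image", "")
    if PARENT_MARKER not in parent.lower():
        return False
    # Rush relaunching itself is not treated as an unexpected child.
    if PARENT_MARKER in image_name(child):
        return False
    return image_name(child) not in EXPECTED_CHILDREN


def triage(events):
    """Return (timestamp, host, child image) for each matching event."""
    return [(e["ts"], e["host"], e["image"]) for e in events if is_suspicious(e)]


# Constructed sample events (not real telemetry; paths are illustrative).
SAMPLE_EVENTS = [
    {"ts": "2021-12-20T10:01:07Z", "host": "ws-01",
     "parent_image": r"C:\Program Files\Adobe\Adobe Premiere Rush\Adobe Premiere Rush.exe",
     "image": r"C:\Program Files\Adobe\Adobe Premiere Rush\expected-helper.exe"},
    {"ts": "2021-12-20T10:03:42Z", "host": "ws-01",
     "parent_image": r"C:\Program Files\Adobe\Adobe Premiere Rush\Adobe Premiere Rush.exe",
     "image": r"C:\Windows\System32\cmd.exe"},
    {"ts": "2021-12-20T10:05:00Z", "host": "mac-07",
     "parent_image": "/Applications/Adobe Premiere Rush/Adobe Premiere Rush",
     "image": "/bin/sh"},
    {"ts": "2021-12-20T10:06:13Z", "host": "ws-02",
     "parent_image": r"C:\Windows\explorer.exe",
     "image": r"C:\Windows\System32\cmd.exe"},
]

if __name__ == "__main__":
    for hit in triage(SAMPLE_EVENTS):
        print(hit)
```

Correlating hits with a crash of the same process or a recently opened `.svg` file on the same host ties them to the log indicators listed above.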
