CVE-2021-40719— Adobe Connect Deserialization of Untrusted Data Remote Code Execution
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2021-40719
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Adobe Connect Deserialization of Untrusted Data Remote Code Execution
Source: NVD (National Vulnerability Database)
Vulnerability Description
Adobe Connect version 11.2.3 (and earlier) is affected by a Deserialization of Untrusted Data vulnerability to achieve arbitrary method invocation when AMF messages are deserialized on an Adobe Connect server. An attacker can leverage this to execute remote code execution on the server.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
可信数据的反序列化
Source: NVD (National Vulnerability Database)
Vulnerability Title
Adobe Connect 代码问题漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Adobe Connect是美国奥多比(Adobe)公司的一个用于创建会议环境的软件。 Adobe Connect 存在代码问题漏洞,该漏洞源于产品处理序列化数据时未对输入数据做有效验证。攻击者可通过该漏洞在目标系统执行任意代码。以下产品及版本受到影响:Adobe Connect 11.0, Adobe Connect 11.0.5 至 11.0.7 版本, Adobe Connect 11.2 至 11.2.2 版本。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
II. Public POCs for CVE-2021-40719
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2021-40719
请登录查看更多情报信息。
- https://helpx.adobe.com/security/products/connect/apsb21-91.htmlx_refsource_MISC
- https://nvd.nist.gov/vuln/detail/CVE-2021-40719
IV. Related Vulnerabilities
Same product: Connect
- CVE-2025-15331
Tanium addressed an uncontrolled resource consumption vulner - CVE-2024-31849
CData Connect 安全漏洞 - CVE-2023-22232
Adobe Connect Improper Access Control Security feature bypas - CVE-2021-40721
Adobe Connect Reflected Cross Site Scripting - CVE-2021-36063
Adobe Connect Reflected Cross-site Scripting via 'isTabletDe
Same vendor: Adobe
- CVE-2026-34632
Photoshop Installer | CWE-427: Uncontrolled Search Path Elem - CVE-2026-27297
Adobe Framemaker | Integer Underflow (Wrap or Wraparound) (C - CVE-2026-27300
Adobe Framemaker | Access of Uninitialized Pointer (CWE-824) - CVE-2026-27296
Adobe Framemaker | Integer Underflow (Wrap or Wraparound) (C - CVE-2026-27290
Adobe Framemaker | Untrusted Search Path (CWE-426)
Same weakness: CWE-502
- CVE-2026-44126
Insecure deserialization - CVE-2026-5127
User Frontend: AI Powered Frontend Posting, User Directory, - CVE-2026-41586
ObjectInputStream.readObject() without ObjectInputFilter in - CVE-2026-34084
PhpSpreadsheet SSRF and RCE via PHP stream wrappers in IOFac - CVE-2026-7712
MindsDB Pickle pickle.loads deserialization
V. Comments for CVE-2021-40719
No comments yet