CVE ID: CVE-2021-21092 CVSS Score: 7.8 Affected Vendors: Adobe Affected Products: Bridge Vulnerability Details: - Allows remote attackers to execute arbitrary code on affected installations of Adobe Bridge. - The flaw exists in the processing of DCM files, resulting from improper validation of user-supplied data, leading to memory corruption. - An attacker can exploit this to execute code in the context of the current process. Additional Details: Adobe has issued an update to correct this vulnerability. More details Disclosure Timeline: - 2020-12-16: Vulnerability reported to vendor - 2021-04-15: Coordinated public release of advisory Credit: Francis Provencher {PRL}