Bulletin ID
Last updated on
Security updates available for Adobe RoboHelp Server | APSB21-44
|
|
Date Published |
Priority |
|---|---|---|
|
ASPB21-44 |
June 08, 2021 |
3 |
Summary
Adobe has released a security update for RoboHelp Server. This update resolves a vulnerability rated critical. Successful exploitation could lead to arbitrary code execution in the context of the current user.
Affected Versions
|
Product |
Affected version |
Platform |
|
RoboHelp Server |
2019.0.9 and earlier versions |
Windows |
Solution
Adobe categorizes these updates with the following priority rating and recommends users update their installation to the newest version:
|
Product |
Version |
Platform |
Priority rating |
Availability |
|
RoboHelp Server |
2020.0.1 |
Windows |
3 |
Vulnerability Details
|
Vulnerability Category |
Vulnerability Impact |
Severity |
CVSS base score |
CVE Numbers |
|
|---|---|---|---|---|---|
|
Path Traversal (CWE-22) |
Arbitrary code execution |
Critical |
8.8 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
CVE-2021-28588 |
Acknowledgments
Adobe would like to thank Anonymous working with Trend Micro Zero Day Initiative for reporting this issue and for working with Adobe to help protect our customers.
For more information, visit https://helpx.adobe.com/security.html, or email PSIRT@adobe.com.