CVE-2021-21086

HIGH

Adobe Acrobat and Reader DC < 20.013.20074 / < 17.011.30188 - Out-of-bounds Write in CoolType

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2021-21086. PoCs published by infobyte.

AI-analyzed exploit summary This repository contains a functional exploit for CVE-2021-21086, targeting Adobe Acrobat Reader DC 2020.013.20074 and earlier. The exploit leverages a Type 1 font charstring vulnerability to achieve remote code execution (RCE) by embedding a malicious charstring into a PDF file, which executes shellcode in the context of the rendering process.

Description

Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an Out-of-bounds Write vulnerability in the CoolType library. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Exploits (1)

nomisec WORKING POC 28 stars

by infobyte · poc

https://github.com/infobyte/Exploit-CVE-2021-21086

View Code ZIP pw:eip

This repository contains a functional exploit for CVE-2021-21086, targeting Adobe Acrobat Reader DC 2020.013.20074 and earlier. The exploit leverages a Type 1 font charstring vulnerability to achieve remote code execution (RCE) by embedding a malicious charstring into a PDF file, which executes shellcode in the context of the rendering process.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Complex

Reliability

Reliable

Target: Adobe Acrobat Reader DC 2020.013.20074 and earlier

No auth needed

Prerequisites: Disable Adobe Reader's sandbox or use alternative shellcode · Python 3 environment with required dependencies (hexdump, colorama)

MITRE ATT&CK

T1203 - Exploitation for Client Execution T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (1)

Core 1

Core References

Vendor Advisory x_refsource_misc

https://helpx.adobe.com/security/products/acrobat/apsb21-09.html

Scores

CVSS v3 7.8

EPSS 0.0464

EPSS Percentile 90.5%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE

CWE-787

Status published

Products (4)

adobe/acrobat 17.011.30056 - 17.011.30188

adobe/acrobat_dc 20.006.20042 - 20.013.20074

adobe/acrobat_reader 17.011.30059 - 17.011.30188

adobe/acrobat_reader_dc 20.006.20042 - 20.013.20074

Published Sep 02, 2021

Tracked Since Feb 18, 2026