CVE-2021-44186

LOW

Adobe Bridge < 11.1.2 - Out-of-Bounds Read

Title source: rule

Description

Adobe Bridge version 11.1.2 (and earlier) and version 12.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious SGI file.

Exploits (1)

inthewild WORKING POC

poc

https://github.com/0xhaggis/cve-2021-44186

View Code ZIP pw:eip

References (1)

[Vendor Advisory] https://helpx.adobe.com/security/products/bridge/apsb22-03.html

Scores

CVSS v3 3.3

EPSS 0.0080

EPSS Percentile 74.1%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

Details

CWE

CWE-125

Status published

Products (2)

adobe/bridge 12.0

adobe/bridge < 11.1.2

Published Dec 07, 2021

Tracked Since Feb 18, 2026