Bulletin ID
Security hotfix available for RoboHelp Server | APSB21-87
|
Date Published |
Priority |
---|---|---|
ASPB21-87 |
November 9, 2021 |
3 |
Summary
Adobe has released a security hotfix for RoboHelp Server. This update resolves a vulnerability rated critical. Successful exploitation could lead to arbitrary code execution in the context of the current user.
Affected Versions
Product |
Affected version |
Platform |
RoboHelp Server |
RHS2020.0.1 and earlier versions |
Windows |
Solution
Adobe categorizes these updates with the following priority rating and recommends users update their installation to the newest version:
Product |
Version |
Platform |
Priority rating |
Availability |
RoboHelp Server |
RHS2020.0.2 |
Windows |
3 |
Vulnerability Details
Vulnerability Category |
Vulnerability Impact |
Severity |
CVSS base score |
CVE Numbers |
|
---|---|---|---|---|---|
Path Traversal (CWE-22) |
Arbitrary code execution |
Critical |
8.8 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
CVE-2021-42727 |
Acknowledgments
Adobe would like to thank Dusan Stevanovic of Trend Micro for reporting this issue and for working with Adobe to help protect our customers.
For more information, visit https://helpx.adobe.com/security.html, or email PSIRT@adobe.com.