CVE Database · CVE-2021-40719
CVSS v3.1
N/A
EPSS
3.42%
Published
Oct 21, 2021
Modified
Nov 21, 2024
Public PoC / Exploit
All weaponized →No public PoC or exploit code indexed for this CVE.
Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.
Description
Adobe Connect version 11.2.3 (and earlier) is affected by a Deserialization of Untrusted Data vulnerability to achieve arbitrary method invocation when AMF messages are deserialized on an Adobe Connect server. An attacker can leverage this to execute remote code execution on the server.
Weaknesses (CWE)
Affected Products (1)
References (2)
