cbcvebase.
CVE-2021-21797
published 2021-10-18

CVE-2021-21797: An exploitable double-free vulnerability exists in the JavaScript implementation of Nitro Pro PDF. A specially crafted document can cause a reference to a…

PriorityP345high7.8CVSS 3.1
AVLACLPRNUIRSUCHIHAH
EPSS
15.05%
96.3th percentile
An exploitable double-free vulnerability exists in the JavaScript implementation of Nitro Pro PDF. A specially crafted document can cause a reference to a timeout object to be stored in two different places. When closed, the document will result in the reference being released twice. This can lead to code execution under the context of the application. An attacker can convince a user to open a document to trigger this vulnerability.

Affected

3 ranges
VendorProductVersion rangeFixed in
gonitronitro_pro
gonitronitro_pro
gonitronitro_pro

Detection & IOCsextracted from sources · hover to see the quote

snort
57303
snort
57304
snort
57294
snort
57295
  • Exploitation requires opening a specially crafted malicious PDF document; monitor for suspicious PDF opens in Nitro Pro triggering double-free conditions in the JavaScript engine's timeout object handling.
  • ·Snort rules 57303, 57304, 57294, and 57295 are subject to change as additional vulnerability information becomes available; always pull the latest rule versions from Firepower Management Center or Snort.org.
  • ·Confirmed vulnerable versions are Nitro Pro 13.31.0.605 and 13.33.2.645; detections should be scoped to these versions until broader version coverage is confirmed.

CVSS provenance

nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvdv3.08.8HIGHCVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvdv2.06.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.