cbcvebase.
CVE-2021-21798
published 2021-09-15

CVE-2021-21798: An exploitable return of stack variable address vulnerability exists in the JavaScript implementation of Nitro Pro PDF. A specially crafted document can cause…

PriorityP346high7.8CVSS 3.1
AVLACLPRNUIRSUCHIHAH
EPSS
15.61%
96.4th percentile
An exploitable return of stack variable address vulnerability exists in the JavaScript implementation of Nitro Pro PDF. A specially crafted document can cause a stack variable to go out of scope, resulting in the application dereferencing a stale pointer. This can lead to code execution under the context of the application. An attacker can convince a user to open a document to trigger the vulnerability.

Affected

3 ranges
VendorProductVersion rangeFixed in
gonitronitro_pro
gonitronitro_pro
gonitronitro_pro

Detection & IOCsextracted from sources · hover to see the quote

snort
57296
snort
57297
  • Trigger vector is a specially crafted malicious PDF file opened by the user; monitor for suspicious PDF opens in Nitro Pro versions 13.31.0.605 and 13.33.2.645.
  • ·Confirmed vulnerable versions are Nitro Pro 13.31.0.605 and 13.33.2.645; detection and patching efforts should be scoped to these versions.
  • ·Snort rules 57296 and 57297 may be updated as additional vulnerability information becomes available; always reference the latest rules from Firepower Management Center or Snort.org.

CVSS provenance

nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvdv3.08.8HIGHCVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvdv2.06.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.