CVE-2021-28590: 
Adobe Media Encoder vulnerability analysis and mitigation

Adobe Media Encoder version 15.2 and earlier versions were found to be affected by an Out-of-bounds Read vulnerability (CVE-2021-28590). The vulnerability was discovered and disclosed in August 2021, affecting Adobe Media Encoder software when parsing specially crafted files (NVD).

The vulnerability is classified as an Out-of-bounds Read (CWE-125) issue that occurs during file parsing operations. The severity assessment varies between sources, with the NVD assigning a CVSS v3.1 Base Score of 7.8 (HIGH) with vector CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H, while Adobe Systems Incorporated rated it lower at 3.3 (LOW) with vector CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N (NVD).

If successfully exploited, this vulnerability could allow an unauthenticated attacker to achieve arbitrary code execution in the context of the current user. The impact is significant as it could lead to complete system compromise, though exploitation requires user interaction in the form of opening a malicious file (NVD).

Adobe has addressed this vulnerability in versions after 15.2 of Media Encoder. Users are advised to update to the latest version of the software to mitigate this security risk (Adobe Advisory).