CVE-2021-36005: 
Adobe Photoshop vulnerability analysis and mitigation

Adobe Photoshop versions 21.2.9 (and earlier) and 22.4.2 (and earlier) were identified with a stack overflow vulnerability (CVE-2021-36005). The vulnerability was discovered by Yongjun Liu of the nsfocus security team and was disclosed on July 29, 2021. The vulnerability affects Adobe Photoshop software and requires user interaction through opening a crafted PSD file (Adobe Security, NVD).

The vulnerability is characterized as a stack overflow condition that occurs due to insecure handling of a crafted PSD file. The technical nature of the vulnerability could potentially lead to arbitrary code execution in the context of the current user. The exploitation path requires user interaction, specifically requiring a victim to open a maliciously crafted PSD file in Photoshop (CVE Mitre).

If successfully exploited, this vulnerability could allow an attacker to execute arbitrary code in the context of the current user. This means an attacker could potentially gain the same level of access and privileges as the user running the Photoshop application (NVD).

Adobe has addressed this vulnerability through security updates. Users of affected versions should update their Adobe Photoshop installations to the latest version that includes the security fix (Adobe Security).