CVE-2021-40769: 
Adobe Character Animator vulnerability analysis and mitigation

Adobe Character Animator version 4.4 (and earlier versions) was found to contain an out-of-bounds read vulnerability that could potentially expose sensitive memory information. The vulnerability was assigned identifier CVE-2021-40769 and was discovered by Mat Powell working with Trend Micro Zero Day Initiative (Adobe Advisory).

The vulnerability is classified as an out-of-bounds read (CWE-125) that affects Adobe Character Animator up to version 4.4. The severity assessment shows a CVSS v3.0 Base Score of 3.3 (LOW) with the vector string CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N, while the CVSS v2.0 score is 4.3 (MEDIUM) with vector (AV:N/AC:M/Au:N/C:P/I:N/A:N) (NVD).

If exploited, this vulnerability could lead to the disclosure of sensitive memory information. The impact is particularly significant as it could potentially allow attackers to bypass security mitigations such as Address Space Layout Randomization (ASLR) (NVD).

Adobe has addressed this vulnerability in subsequent versions after 4.4. Users are advised to update to the latest version of Adobe Character Animator to mitigate this security risk (Adobe Advisory).