CVE-2021-43024: 
Adobe Premiere Rush vulnerability analysis and mitigation

Adobe Premiere Rush version 1.5.16 and earlier versions were found to contain a memory corruption vulnerability due to insecure handling of malicious WAV files. The vulnerability was assigned CVE-2021-43024 and was disclosed in December 2021. This security flaw affects Adobe Premiere Rush installations on both Windows and macOS operating systems (NVD).

The vulnerability is classified as an Out-of-bounds Write (CWE-787) issue. It received a CVSS v3.1 base score of 7.8 (High) with the vector string CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H, and a CVSS v2.0 score of 9.3 (High) with the vector string (AV:N/AC:M/Au:N/C:C/I:C/A:C). The vulnerability requires user interaction to be exploited (NVD).

If successfully exploited, this vulnerability could lead to arbitrary code execution in the context of the current user. The high CVSS scores indicate potential severe impacts on the confidentiality, integrity, and availability of the affected system (NVD).

Adobe has addressed this vulnerability in versions after 1.5.16. Users are advised to update their Adobe Premiere Rush installations to the latest version available (Adobe Advisory).