CVE-2021-21069
7.8
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Adobe Creative Cloud Desktop Application version 5.3 (and earlier) is affected by a local privilege escalation vulnerability that could allow an attacker to call functions against the installer to perform high privileged actions. Exploitation of this issue does not require user interaction.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Adobe | Creative Cloud (desktop component) | unspecified <= 5.3.1.470a | affected |
| Adobe | Creative Cloud (desktop component) | unspecified <= None | affected |
Weaknesses
- CWE-20: Improper Input Validation (CWE-20)
ADP Enrichment
CVE Program Container
Additional References
- https://helpx.adobe.com/security/products/creative-cloud/apsb21-18.html
- https://www.zerodayinitiative.com/advisories/ZDI-21-281/
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
- https://helpx.adobe.com/security/products/creative-cloud/apsb21-18.html
- https://www.zerodayinitiative.com/advisories/ZDI-21-281/
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.