CVE-2021-21078
6.5
CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
Summary
Adobe Creative Cloud Desktop Application version 5.3 (and earlier) is affected by an Unquoted Service Path vulnerability in CCXProcess that could allow an attacker to achieve arbitrary code execution in the process of the current user. Exploitation of this issue requires user interaction
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Adobe | Creative Cloud (desktop component) | unspecified <= 5.3 | affected |
| Adobe | Creative Cloud (desktop component) | unspecified <= None | affected |
Weaknesses
- CWE-426: Untrusted Search Path (CWE-426)
ADP Enrichment
CVE Program Container
Additional References
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.