CVE-2021-40708

Summary

Adobe Genuine Service versions 7.3 (and earlier) are affected by a privilege escalation vulnerability in the AGSService installer. An authenticated attacker could leverage this vulnerability to achieve read / write privileges to execute arbitrary code. User interaction is required to abuse this vulnerability.

Affected Software

VendorProductVersion RangeStatus
AdobeGoCartunspecified <= 7.3affected
AdobeGoCartunspecified <= Noneaffected

Weaknesses

  • CWE-379: Creation of Temporary File in Directory with Incorrect Permissions (CWE-379)

ADP Enrichment

CVE Program Container

Additional References

References