CVE-2024-34116

Summary

Creative Cloud Desktop versions 6.1.0.587 and earlier are affected by an Uncontrolled Search Path Element vulnerability that could result in a security feature bypass. An attacker could exploit this vulnerability to load and execute malicious libraries, leading to arbitrary file delete. Exploitation of this issue requires user interaction.

Affected Software

VendorProductVersion RangeStatus
AdobeCreative Cloud Desktop0 <= 6.1.0.587affected

Weaknesses

  • CWE-427: Uncontrolled Search Path Element (CWE-427)

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References