CVE-2021-28581

Adobe Creative Cloud Desktop uncontrolled search path element vulnerability could lead to local privilege escalation

CVSS 7.3 HIGHEPSS 0.8%CWE-427

Vexday Risk Score

21Bajo

Decisión SSVC (CISA)

Track

Sin señal de explotación → monitorear

CVSS 7.3EPSS 0.8%KEV nãoPoC —Nuclei —Metasploit —Patch —

Ciclo de vida

08 sep 2021Publicada en NVD

Recomendación: Monitorear — sin señal de explotación por ahora.

Adobe Creative Cloud Desktop 3.5 (and earlier) is affected by an uncontrolled search path vulnerability that could result in elevation of privileges. Exploitation of this issue requires user interaction in that a victim must log on to the attacker's local machine.

CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Productos afectados

Adobe · Creative Cloud (desktop component)

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://helpx.adobe.com/security/products/creative-cloud/apsb21-31.html