CVE-2021-28633

MEDIUM

6.1

Description

Adobe Creative Cloud Desktop Application (installer) version 2.4 (and earlier) is affected by an Insecure temporary file creation vulnerability. An attacker could leverage this vulnerability to cause arbitrary file overwriting in the context of the current user. Exploitation of this issue requires physical interaction to the system.

CVE Details

CVSS v3.1 Score6.1

SeverityMEDIUM

CVSS VectorCVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H

Attack VectorPHYSICAL

ComplexityLOW

Privileges RequiredHIGH

User InteractionREQUIRED

Published8/24/2021

Last Modified11/21/2024

Sourcenvd

Honeypot Sightings0

Affected Products

adobe:creative_cloud_desktop_application

Weaknesses (CWE)

CWE-379CWE-668

References

https://helpx.adobe.com/security/products/creative-cloud/apsb21-41.html(psirt@adobe.com)

https://helpx.adobe.com/security/products/creative-cloud/apsb21-41.html(af854a3a-2127-422b-91ae-364da2661108)

IOC Correlations

No correlations recorded

This product uses data from the NVD API but is not endorsed or certified by the NVD.