← Back to CVEs
CVE-2021-36002
MEDIUM5.0
Description
Adobe Captivate version 11.5.5 (and earlier) is affected by an Creation of Temporary File In Directory With Incorrect Permissions vulnerability that could result in privilege escalation in the context of the current user. The attacker must plant a malicious file in a particular location of the victim's machine. Exploitation of this issue requires user interaction in that a victim must launch the Captivate Installer.
CVE Details
CVSS v3.1 Score5.0
SeverityMEDIUM
CVSS VectorCVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N
Attack VectorLOCAL
ComplexityLOW
Privileges RequiredLOW
User InteractionREQUIRED
Published9/1/2021
Last Modified11/21/2024
Sourcenvd
Honeypot Sightings0
Affected Products
adobe:captivate
Weaknesses (CWE)
CWE-379CWE-668
References
https://helpx.adobe.com/security/products/captivate/apsb21-60.html(psirt@adobe.com)
https://helpx.adobe.com/security/products/captivate/apsb21-60.html(af854a3a-2127-422b-91ae-364da2661108)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.