CVE-2020-9681

Name of the Vulnerable Software and Affected Versions Adobe Genuine Service versions 6.6 and earlier

Description The issue is related to an Uncontrolled Search Path element vulnerability in the Adobe Genuine Service. This vulnerability can be exploited by an authenticated attacker to rewrite the administrator's file, potentially leading to elevated permissions. Exploitation requires user interaction. The vulnerability is also associated with an insecure procedure for searching DLL library paths, which can allow an attacker to increase their privileges.

Recommendations For Adobe Genuine Service versions 6.6 and earlier, update to a version later than 6.6 to resolve the issue. As a temporary workaround, consider restricting access to the administrator's file to minimize the risk of exploitation. Avoid using the vulnerable Adobe Genuine Service until the issue is resolved.