PT-2021-5098 · Adobe · Captivate

Published: 2021-08-17 · Updated: 2022-10-27 · CVE-2021-36002

CVSS v3.1: 7.3 (High)

Vector: AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Adobe Captivate versions 11.5.5 and earlier

Description

The issue is related to the creation of temporary files with incorrect permissions, which could allow an attacker to escalate privileges in the context of the current user. This can be achieved by planting a malicious file in a specific location on the victim's machine. Exploitation requires user interaction, as the victim must launch the Captivate Installer.

Recommendations

For Adobe Captivate versions 11.5.5 and earlier, consider restricting access to the temporary file directory to minimize the risk of exploitation until a patch is available. As a temporary workaround, avoid launching the Captivate Installer from untrusted sources. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Exposure of Resource to Wrong Sphere

Related Identifiers

BDU:2021-05883
CVE-2021-36002

Affected Products

Captivate