PT-2021-6625 · Adobe · Creative Cloud

Published: 2021-11-09 · Updated: 2022-02-02 · CVE-2021-43017

CVSS v2.0: 4.6 (Medium)

Vector: AV:L/AC:L/Au:S/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions

Adobe Creative Cloud versions 5.5 and earlier

Description

The issue is an application denial-of-service vulnerability in the Creative Cloud Desktop installer. An authenticated attacker with root privileges could leverage this vulnerability to achieve denial of service by planting a malicious file on the victim's local machine. The vulnerability is also associated with the creation of temporary files with insecure permissions. User interaction is required before product installation to abuse this vulnerability.

Recommendations

For Adobe Creative Cloud versions 5.5 and earlier, consider disabling the Creative Cloud Desktop installer until a patch is available to prevent potential denial-of-service attacks. Restrict access to temporary files created by the installer to minimize the risk of exploitation. Avoid using the affected Creative Cloud Desktop Application until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Related Identifiers

BDU:2022-01941
CVE-2021-43017

Affected Products

Creative Cloud