PT-2021-6643 · Adobe · Adobe Creative Cloud Desktop Application

Published

2021-06-08

Updated

2023-06-26

CVE-2021-28633

CVSS v2.0

6.8

Medium

Vector

AV:L/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Adobe Creative Cloud Desktop Application version 2.4 and earlier

Description The issue is related to an insecure temporary file creation, which could allow an attacker to overwrite arbitrary files in the context of the current user. Exploitation requires physical interaction with the system. The vulnerability may also allow a remote attacker to overwrite arbitrary files.

Recommendations For Adobe Creative Cloud Desktop Application version 2.4 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exposure of Resource to Wrong Sphere

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-379CWE-668

Related Identifiers

BDU:2022-01959

CVE-2021-28633

Affected Products

Adobe Creative Cloud Desktop Application

PT-2021-6643 · Adobe · Adobe Creative Cloud Desktop Application

CVE-2021-28633

Weakness Enumeration

Related Identifiers

Affected Products

References · 4