CVE-2023-26358

Name of the Vulnerable Software and Affected Versions Adobe Creative Cloud Desktop Application versions 5.9.1 and earlier

Description The issue is related to an untrusted search path in the application, which could allow an attacker to execute arbitrary code, access unauthorized data files, or modify configuration in unexpected ways. If the application uses a search path to locate critical resources, an attacker could modify that path to point to a malicious program, which the targeted application would then execute. This problem extends to any type of critical resource that the application trusts.

Recommendations For Adobe Creative Cloud Desktop Application versions 5.9.1 and earlier, consider restricting access to critical resources until a patch is available. As a temporary workaround, avoid using the application's search path functionality to locate critical resources.