PT-2025-42383 · Adobe · Creative Cloud Desktop
Published
2025-10-15
·
Updated
2025-10-15
·
CVE-2025-54271
CVSS v3.1
5.6
Medium
| Vector | AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
Creative Cloud Desktop versions 6.7.0.278 and earlier
Description
A Time-of-check Time-of-use (TOCTOU) Race Condition exists in Creative Cloud Desktop that could allow arbitrary file system write. An attacker with low privileges could exploit the timing between the check and use of a resource, potentially leading to unauthorized file modifications. Exploitation does not require user interaction.
Recommendations
Update Creative Cloud Desktop to a version later than 6.7.0.278.
Fix
Time Of Check To Time Of Use
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Creative Cloud Desktop