CVE-2021-21068 MEDIUM

CVE-2021-21068: Adobe Creative Cloud installer arbitrary file overwrite vulnerability

Vendor Adobe
Product Creative Cloud (desktop component)
Weakness CWE-379
Published March 12, 2021
Last update April 23, 2025

CVSS base score

6.1/10
Attack vector Physical
Attack complexity Low
Privileges required High
User interaction Required
Confidentiality High
Integrity High

CVSS vector

CVSS:3.0/AV:P/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

Adobe Creative Cloud Desktop Application version 5.3 (and earlier) is affected by a file handling vulnerability that could allow an attacker to cause arbitrary file overwriting. Exploitation of this issue requires physical access and user interaction.

Key dates

02Disclosure timeline

March 12, 2021 CVE published
April 23, 2025 Record updated

Related vulnerabilities

04Related CVE