CVE-2021-28547 HIGH

CVE-2021-28547: Adobe Creative Cloud for macOS Privilege Escalation Vulnerability

Vendor Adobe

Product Creative Cloud (desktop component)

Weakness CWE-20 · Input validation

Published September 29, 2021

Last update April 23, 2025

View on NVD All CVEs

CVSS base score

7.8/10

Attack vector Local

Attack complexity Low

Privileges required Low

User interaction None

Confidentiality High

Integrity High

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

Adobe Creative Cloud Desktop Application for macOS version 5.3 (and earlier) is affected by a privilege escalation vulnerability that could allow a normal user to delete the OOBE directory and get permissions of any directory under the administrator authority.

Key dates

02Disclosure timeline

September 29, 2021 CVE published

April 23, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2021-28547 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/20.html

Related vulnerabilities

Identifiers

CVE CVE-2021-28547

CWE CWE-20

CVSS 7.8 / HIGH

Affected versions

Vendor Adobe

Product Creative Cloud (desktop component)

Affected ≥ unspecified and ≤ 5.3

Vendor Adobe

Product Creative Cloud (desktop component)

Affected ≥ unspecified and ≤ None

CVE-2021-28547: Adobe Creative Cloud for macOS Privilege Escalation Vulnerability

01Description

02Disclosure timeline

03References

04Related CVE