CVE-2021-28613 HIGH

CVE-2021-28613: Adobe Creative Cloud Arbitrary File Overwrite Vulnerability

Vendor Adobe
Product Creative Cloud (desktop component)
Weakness CWE-379
Published September 27, 2021
Last update September 17, 2024

CVSS base score

7.4/10
Attack vector Local
Attack complexity Low
Privileges required High
User interaction Required
Confidentiality None
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:N/I:H/A:H

What the vulnerability does

01Description

Adobe Creative Cloud Desktop Application version 5.4 (and earlier) is affected by a file handling vulnerability that could allow an attacker to arbitrarily overwrite a file. Exploitation of this issue requires local access, administrator privileges and user interaction.

Key dates

02Disclosure timeline

September 27, 2021 CVE published
September 17, 2024 Record updated