CVE-2025-21162 MEDIUM

CVE-2025-21162: Photoshop Elements | Creation of Temporary File in Directory with Incorrect Permissions (CWE-379)

Vendor Adobe
Product Photoshop Elements
Weakness CWE-379
Published February 11, 2025
Last update February 11, 2025

CVSS base score

5.5/10
Attack vector Local
Attack complexity Low
Privileges required None
User interaction Required
Confidentiality None
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

What the vulnerability does

01Description

Photoshop Elements versions 2025.0 and earlier are affected by a Creation of Temporary File in Directory with Incorrect Permissions vulnerability that could result in privilege escalation in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Key dates

02Disclosure timeline

February 11, 2025 CVE published
February 11, 2025 Record updated