Security News > 2020 > March > Critical Flaw in Adobe Creative Cloud App Allows Hackers to Delete Files
A critical vulnerability patched on Tuesday by Adobe in its Creative Cloud desktop application can be exploited by hackers to delete arbitrary files.
Adobe Creative Cloud is a set of applications and services used for video editing, graphic design, photography and web development.
According to Adobe, Jiadong Lu of the South China University of Technology and Zhiniang Peng of Qihoo 360 Core Security discovered that the Windows version of the Creative Cloud desktop application is affected by a time-of-check time-of-use race condition that can be exploited to delete arbitrary files in the context of the targeted user.
While the flaw has been assigned a critical severity rating, its priority score is 2, which indicates that Adobe does not expect to see any attacks exploiting the vulnerability too soon.
Adobe has advised customers to update the app "Soon." The flaw has been patched with the release of version 5.1.
News URL
Related news
- Iranian hackers act as brokers selling critical infrastructure access (source)
- Notorious Hacker Group TeamTNT Launches New Cloud Attacks for Crypto Mining (source)
- Chinese Hackers Use CloudScout Toolset to Steal Session Cookies from Cloud Services (source)
- Hackers steal 15,000 cloud credentials from exposed Git config files (source)
- Hackers target critical zero-day vulnerability in PTZ cameras (source)