Security News > 2020 > March > Critical Flaw in Adobe Creative Cloud App Allows Hackers to Delete Files
A critical vulnerability patched on Tuesday by Adobe in its Creative Cloud desktop application can be exploited by hackers to delete arbitrary files.
Adobe Creative Cloud is a set of applications and services used for video editing, graphic design, photography and web development.
According to Adobe, Jiadong Lu of the South China University of Technology and Zhiniang Peng of Qihoo 360 Core Security discovered that the Windows version of the Creative Cloud desktop application is affected by a time-of-check time-of-use race condition that can be exploited to delete arbitrary files in the context of the targeted user.
While the flaw has been assigned a critical severity rating, its priority score is 2, which indicates that Adobe does not expect to see any attacks exploiting the vulnerability too soon.
Adobe has advised customers to update the app "Soon." The flaw has been patched with the release of version 5.1.
News URL
Related news
- Critical Flaw in WordPress LiteSpeed Cache Plugin Allows Hackers Admin Access (source)
- Hackers are exploiting critical bug in LiteSpeed Cache plugin (source)
- Russian military hackers linked to critical infrastructure attacks (source)
- Critical Ivanti Cloud Appliance Vulnerability Exploited in Active Cyberattacks (source)