Vulnerabilities > CVE-2021-21068 - Creation of Temporary File in Directory with Incorrect Permissions vulnerability in Adobe Creative Cloud Desktop Application

CVSS 6.1 - MEDIUM

Attack vector

PHYSICAL

Attack complexity

LOW

Privileges required

HIGH

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

low complexity

adobe

CWE-379

NVD

Published: 2021-03-12

Updated: 2023-11-07

Summary

Adobe Creative Cloud Desktop Application version 5.3 (and earlier) is affected by a file handling vulnerability that could allow an attacker to cause arbitrary file overwriting. Exploitation of this issue requires physical access and user interaction.

Vulnerable Configurations

Part	Description	Count
Application	Adobe Adobe Creative Cloud Desktop Application - Adobe Creative Cloud Desktop Application 2.4 Adobe Creative Cloud Desktop Application 2.5 Adobe Creative Cloud Desktop Application 2.7.0.13 Adobe Creative Cloud Desktop Application 5.1 Adobe Creative Cloud Desktop Application 5.2	6
OS	Apple Apple Macos -	1
OS	Microsoft Microsoft Windows -	1

Common Weakness Enumeration (CWE)

CWE-379 - Creation of Temporary File in Directory with Incorrect Permissions

References

https://helpx.adobe.com/security/products/creative-cloud/apsb21-18.html