Vulnerabilities > CVE-2021-26026 - Incorrect Authorization vulnerability in Acdsee Photo Studio 2021 14.0

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

acdsee

CWE-863

NVD

Published: 2021-01-26

Updated: 2021-02-03

Summary

PlugIns\IDE_ACDStd.apl in ACDSee Professional 2021 14.0 1721 has a User Mode Write Access Violation starting at IDE_ACDStd!JPEGTransW+0x000000000000c7f4 via a crafted BMP image.

Vulnerable Configurations

Part	Description	Count
Application	Acdsee Acdsee Photo Studio 2021 14.0	1

Common Weakness Enumeration (CWE)

CWE-863 - Incorrect Authorization

References

https://github.com/secluck/pentest/blob/main/000033.md