Vulnerabilities > CVE-2021-28613 - Creation of Temporary File in Directory with Incorrect Permissions vulnerability in Adobe Creative Cloud Desktop Application

CVSS 3.3 - LOW

Attack vector

LOCAL

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

PARTIAL

local

adobe

CWE-379

NVD

Published: 2021-09-27

Updated: 2022-02-04

Summary

Adobe Creative Cloud Desktop Application version 5.4 (and earlier) is affected by a file handling vulnerability that could allow an attacker to arbitrarily overwrite a file. Exploitation of this issue requires local access, administrator privileges and user interaction.

Vulnerable Configurations

Part	Description	Count
Application	Adobe Adobe Creative Cloud Desktop Application - Adobe Creative Cloud Desktop Application 2.4 Adobe Creative Cloud Desktop Application 2.5 Adobe Creative Cloud Desktop Application 5.1 Adobe Creative Cloud Desktop Application 5.2 Adobe Creative Cloud Desktop Application 5.4	6
OS	Apple Apple Macos -	1

Common Weakness Enumeration (CWE)

CWE-379 - Creation of Temporary File in Directory with Incorrect Permissions

References

https://helpx.adobe.com/security/products/creative-cloud/apsb21-76.html