Vulnerabilities > CVE-2021-40776 - Unspecified vulnerability in Adobe Lightroom

CVSS 6.1 - MEDIUM

Attack vector

PHYSICAL

Attack complexity

LOW

Privileges required

HIGH

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

low complexity

adobe

NVD

Published: 2022-06-15

Updated: 2022-11-07

Summary

Adobe Lightroom Classic 10.3 (and earlier) are affected by a privilege escalation vulnerability in the Offline Lightroom Classic installer. An authenticated attacker could leverage this vulnerability to escalate privileges. User interaction is required before product installation to abuse this vulnerability.

Vulnerable Configurations

Part	Description	Count
Application	Adobe Adobe Lightroom - Adobe Lightroom 9.2.0.10 Adobe Lightroom 9.3 Adobe Lightroom 10.0 Adobe Lightroom 10.1 Adobe Lightroom 10.3	6
OS	Microsoft Microsoft Windows -	1
OS	Apple Apple Macos -	1

References

https://helpx.adobe.com/security/products/lightroom/apsb21-97.html