Vulnerabilities > CVE-2023-26358 - Untrusted Search Path vulnerability in Adobe Creative Cloud

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

adobe

CWE-426

NVD

Published: 2023-03-22

Updated: 2023-03-24

Summary

Creative Cloud version 5.9.1 (and earlier) is affected by an Untrusted Search Path vulnerability that might allow attackers to execute their own programs, access unauthorized data files, or modify configuration in unexpected ways. If the application uses a search path to locate critical resources such as programs, then an attacker could modify that search path to point to a malicious program, which the targeted application would then execute. The problem extends to any type of critical resource that the application trusts.

Vulnerable Configurations

Part	Description	Count
Application	Adobe Adobe Creative Cloud - Adobe Creative Cloud 1.0.0.183 Adobe Creative Cloud 1.0.2.189 Adobe Creative Cloud 1.1.0.213 Adobe Creative Cloud 1.1.1.220 Adobe Creative Cloud 1.1.2.232 Adobe Creative Cloud 1.2.0.248 Adobe Creative Cloud 1.2.1.260 Adobe Creative Cloud 1.3.0.322 Adobe Creative Cloud 1.4.0.348 Adobe Creative Cloud 1.4.1.351 Adobe Creative Cloud 1.5.0.367 Adobe Creative Cloud 1.5.1.369 Adobe Creative Cloud 1.6.0.393 Adobe Creative Cloud 1.7.0.413 Adobe Creative Cloud 1.7.1.418 Adobe Creative Cloud 1.8.0.447 Adobe Creative Cloud 1.9.0.465 Adobe Creative Cloud 1.9.1.474 Adobe Creative Cloud 2.0.0.74 Adobe Creative Cloud 2.0.1.88 Adobe Creative Cloud 2.1 Adobe Creative Cloud 2.1.1.110 Adobe Creative Cloud 2.1.3.121 Adobe Creative Cloud 2.2.0.129 Adobe Creative Cloud 2.3.0.151 Adobe Creative Cloud 3.4.1.181 Adobe Creative Cloud 3.4.2.187 Adobe Creative Cloud 3.4.3.189 Adobe Creative Cloud 3.5.0.206 Adobe Creative Cloud 3.5.1.209 Adobe Creative Cloud 3.6.0.244 Adobe Creative Cloud 3.6.0.248 Adobe Creative Cloud 3.7.0.272 Adobe Creative Cloud 3.7.5.291 Adobe Creative Cloud 3.8.0.310 Adobe Creative Cloud 3.9.0.334 Adobe Creative Cloud 3.9.5.353 Adobe Creative Cloud 4.0.1.188 Adobe Creative Cloud 4.1.1.202 Adobe Creative Cloud 4.2.0.211 Adobe Creative Cloud 4.3.0.256 Adobe Creative Cloud 4.4.0.294 Adobe Creative Cloud 4.4.1.298 Adobe Creative Cloud 4.5.0.331 Adobe Creative Cloud 4.5.5.342 Adobe Creative Cloud 4.6.0.384 Adobe Creative Cloud 4.6.1 Adobe Creative Cloud 4.6.1.393 Adobe Creative Cloud 4.7.0.400 Adobe Creative Cloud 4.8.0.421 Adobe Creative Cloud 4.8.1.435 Adobe Creative Cloud 4.8.2.476 Adobe Creative Cloud 4.9 Adobe Creative Cloud 4.9.0.504 Adobe Creative Cloud 5.0 Adobe Creative Cloud 5.0.0.354 Adobe Creative Cloud 5.1 Adobe Creative Cloud 5.2 Adobe Creative Cloud 5.3 Adobe Creative Cloud 5.4.3	62

Common Weakness Enumeration (CWE)

CWE-426 - Untrusted Search Path

Common Attack Pattern Enumeration and Classification (CAPEC)

Leveraging/Manipulating Configuration File Search Paths
This attack loads a malicious resource into a program's standard path used to bootstrap and/or provide contextual information for a program like a path variable or classpath. J2EE applications and other component based applications that are built from multiple binaries can have very long list of dependencies to execute. If one of these libraries and/or references is controllable by the attacker then application controls can be circumvented by the attacker. A standard UNIX path looks similar to this If the attacker modifies the path variable to point to a locale that includes malicious resources then the user unwittingly can execute commands on the attackers' behalf: This is a form of usurping control of the program and the attack can be done on the classpath, database resources, or any other resources built from compound parts. At runtime detection and blocking of this attack is nearly impossible, because the configuration allows execution.

References

https://helpx.adobe.com/security/products/creative-cloud/apsb23-21.html