Vulnerability Description
Adobe Creative Cloud Desktop Application version 5.3 (and earlier) is affected by a local privilege escalation vulnerability that could allow an attacker to call functions against the installer to perform high privileged actions. Exploitation of this issue does not require user interaction.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Adobe | Creative Cloud Desktop Application | <= 5.3 |
| Apple | Macos | - |
| Microsoft | Windows | - |
Related Weaknesses (CWE)
References
- https://helpx.adobe.com/security/products/creative-cloud/apsb21-18.htmlPatchVendor Advisory
- https://www.zerodayinitiative.com/advisories/ZDI-21-281/Third Party Advisory
- https://helpx.adobe.com/security/products/creative-cloud/apsb21-18.htmlPatchVendor Advisory
- https://www.zerodayinitiative.com/advisories/ZDI-21-281/Third Party Advisory
FAQ
What is CVE-2021-21069?
CVE-2021-21069 is a vulnerability with a CVSS score of 7.8 (HIGH). Adobe Creative Cloud Desktop Application version 5.3 (and earlier) is affected by a local privilege escalation vulnerability that could allow an attacker to call functions against the installer to per...
How severe is CVE-2021-21069?
CVE-2021-21069 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-21069?
Check the references section above for vendor advisories and patch information. Affected products include: Adobe Creative Cloud Desktop Application, Apple Macos, Microsoft Windows.