CVE-2021-21069

high

Description

Adobe Creative Cloud Desktop Application version 5.3 (and earlier) is affected by a local privilege escalation vulnerability that could allow an attacker to call functions against the installer to perform high privileged actions. Exploitation of this issue does not require user interaction.

References

https://www.zerodayinitiative.com/advisories/ZDI-21-281/

https://helpx.adobe.com/security/products/creative-cloud/apsb21-18.html

Details

Source: Mitre, NVD

Published: 2021-03-12

Risk Information

CVSS v2

Base Score: 9.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High