CVE-2018-4992

CWE-20 — Improper Input Validation3 documents3 sources

Severity

7.8HIGH

EPSS

0.3%

top 46.14%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Adobe Creative Cloud

Timeline

PublishedMay 19

Latest updateMay 14

Description

Adobe Creative Cloud Desktop Application versions 4.4.1.298 and earlier have an exploitable Improper input validation vulnerability. Successful exploitation could lead to local privilege escalation.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

▶CVEListV5creative_cloud_desktop_application_4.4.1.298_and_earlier_versionsCreative Cloud Desktop Application 4.4.1.298 and earlier versions

▶NVDadobe/creative_cloud4.4.1.298

🔴Vulnerability Details

GHSA

GHSA-779h-xx5r-h8f3: Adobe Creative Cloud Desktop Application versions 4↗2022-05-14

▶

CVEList

CVE-2018-4992: Adobe Creative Cloud Desktop Application versions 4↗2018-05-19

▶