CVE-2019-7958

CWE-732Incorrect Permission Assignment3 documents3 sources
Severity
9.8CRITICAL
EPSS
0.8%
top 26.28%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Adobe Creative CloudAdobe Creative Cloud Desktop Application
Timeline
PublishedAug 16
Latest updateMay 24

Description

Creative Cloud Desktop Application versions 4.6.1 and earlier have an insecure inherited permissions vulnerability. Successful exploitation could lead to privilege escalation.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages2 packages

CVEListV5adobe/creative_cloud_desktop_applicationCreative Cloud Desktop Application versions

Patches

Patch: helpx.adobe.comPatch: helpx.adobe.com

🔴Vulnerability Details

2
GHSA
GHSA-x2fr-wg43-9j34: Creative Cloud Desktop Application versions 42022-05-24
CVEList
CVE-2019-7958: Creative Cloud Desktop Application versions 42019-08-16
CVE-2019-7958 (CRITICAL CVSS 9.8) | Creative Cloud Desktop Application | cvebase.io