CVE-2020-9667

CWE-4273 documents3 sources
Severity
6.5MEDIUM
EPSS
0.1%
top 77.30%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Adobe GocartAdobe Genuine Service
Timeline
PublishedApr 16
Latest updateMay 24

Description

Adobe Genuine Service version 6.6 (and earlier) is affected by an Uncontrolled Search Path element vulnerability. An authenticated attacker with admin privileges could plant custom binaries and execute them with System permissions. Exploitation of this issue requires user interaction.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:HExploitability: 0.6 | Impact: 5.9

Affected Packages2 packages

CVEListV5adobe/gocartunspecified6.6+1

🔴Vulnerability Details

2
GHSA
GHSA-fgmp-r99f-p6j4: Adobe Genuine Service version 62022-05-24
CVEList
Uncontrolled Search Path Element in AGSService.exe2021-04-16
CVE-2020-9667 (MEDIUM CVSS 6.5) | Adobe Genuine Service version 6.6 ( | cvebase.io