CVE-2020-9671

CWE-732Incorrect Permission AssignmentCWE-269Improper Privilege Management3 documents3 sources
Severity
9.8CRITICAL
EPSS
0.6%
top 29.48%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Adobe Creative Cloud Desktop ApplicationAdobe Adobe Creative Cloud Desktop Application
Timeline
PublishedJul 17
Latest updateMay 24

Description

Adobe Creative Cloud Desktop Application versions 5.1 and earlier have an insecure file permissions vulnerability. Successful exploitation could lead to privilege escalation.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages2 packages

CVEListV5adobe/adobe_creative_cloud_desktop_applicationversions 5.1 and earlier

🔴Vulnerability Details

2
GHSA
GHSA-9q3x-qq6c-v6jx: Adobe Creative Cloud Desktop Application versions 52022-05-24
CVEList
CVE-2020-9671: Adobe Creative Cloud Desktop Application versions 52020-07-17
CVE-2020-9671 (CRITICAL CVSS 9.8) | Adobe Creative Cloud Desktop Applic | cvebase.io