CVE-2020-9681

CWE-4273 documents3 sources
Severity
6.5MEDIUM
EPSS
0.1%
top 73.06%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Adobe GocartAdobe Genuine Service
Timeline
PublishedApr 16
Latest updateMay 24

Description

Adobe Genuine Service version 6.6 (and earlier) is affected by an Uncontrolled Search Path element vulnerability. An authenticated attacker could exploit this to rewrite the file of the administrator, which may lead to elevated permissions. Exploitation of this issue requires user interaction.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:HExploitability: 0.6 | Impact: 5.9

Affected Packages2 packages

CVEListV5adobe/gocartunspecified6.6+1

🔴Vulnerability Details

2
GHSA
GHSA-h89x-6xrv-pf29: Adobe Genuine Service version 62022-05-24
CVEList
Adobe Genuine Service privilege escalation vulnerability2021-04-16
CVE-2020-9681 (MEDIUM CVSS 6.5) | Adobe Genuine Service version 6.6 ( | cvebase.io