CVE-2020-9724

CWE-427CWE-269Improper Privilege Management3 documents3 sources
Severity
7.8HIGH
EPSS
1.3%
top 20.03%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Adobe LightroomAdobe Adobe Lightroom
Timeline
PublishedAug 19
Latest updateMay 24

Description

Adobe Lightroom versions 9.2.0.10 and earlier have an insecure library loading vulnerability. Successful exploitation could lead to privilege escalation.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

NVDadobe/lightroom9.2.0.10
CVEListV5adobe/adobe_lightroom9.2.0.10 and earlier versions

🔴Vulnerability Details

2
GHSA
GHSA-95rg-hhj8-x7x6: Adobe Lightroom versions 92022-05-24
CVEList
CVE-2020-9724: Adobe Lightroom versions 92020-08-19
CVE-2020-9724 (HIGH CVSS 7.8) | Adobe Lightroom versions 9.2.0.10 a | cvebase.io