CVE-2021-21068

CWE-3793 documents3 sources
Severity
6.1MEDIUM
EPSS
0.1%
top 73.90%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Adobe Creative Cloud (desktop Component)Adobe Creative Cloud Desktop Application
Timeline
PublishedMar 12
Latest updateMay 24

Description

Adobe Creative Cloud Desktop Application version 5.3 (and earlier) is affected by a file handling vulnerability that could allow an attacker to cause arbitrary file overwriting. Exploitation of this issue requires physical access and user interaction.

CVSS vector

CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:HExploitability: 0.2 | Impact: 5.9

Affected Packages2 packages

CVEListV5adobe/creative_cloud_(desktop_component)unspecified5.3+1

🔴Vulnerability Details

2
GHSA
GHSA-jxwm-wcqc-fgcc: Adobe Creative Cloud Desktop Application version 52022-05-24
CVEList
Adobe Creative Cloud installer arbitrary file overwrite vulnerability2021-03-12
CVE-2021-21068 (MEDIUM CVSS 6.1) | Adobe Creative Cloud Desktop Applic | cvebase.io