CVE-2021-28597

CWE-379CWE-668Exposure to Wrong Sphere3 documents3 sources
Severity
5.5MEDIUM
EPSS
0.1%
top 68.94%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Adobe Photoshop Elements
Timeline
PublishedJun 28
Latest updateMay 24

Description

Adobe Photoshop Elements version 5.2 (and earlier) is affected by an insecure temporary file creation vulnerability. An unauthenticated attacker could leverage this vulnerability to call functions against the installer to perform high privileged actions. Exploitation of this issue does not require user interaction.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages2 packages

CVEListV5adobe/photoshop_elementsunspecified5.2+1

🔴Vulnerability Details

2
GHSA
GHSA-p6gc-38cf-8626: Adobe Photoshop Elements version 52022-05-24
CVEList
Adobe Photoshop Elements Privilege Escalation Vulnerability - symbolic link2021-06-28
CVE-2021-28597 (MEDIUM CVSS 5.5) | Adobe Photoshop Elements version 5. | cvebase.io