CVE-2021-28613

CWE-3793 documents3 sources

Severity

7.4HIGH

EPSS

0.1%

top 77.35%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Adobe Creative Cloud (desktop Component)Adobe Creative Cloud Desktop Application

Timeline

PublishedSep 27

Latest updateMay 24

Description

Adobe Creative Cloud Desktop Application version 5.4 (and earlier) is affected by a file handling vulnerability that could allow an attacker to arbitrarily overwrite a file. Exploitation of this issue requires local access, administrator privileges and user interaction.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:N/I:H/A:HExploitability: 1.1 | Impact: 5.8

Affected Packages2 packages

▶NVDadobe/creative_cloud_desktop_application5.4

▶CVEListV5adobe/creative_cloud_(desktop_component)unspecified — 5.4+1

Patches

Patch: helpx.adobe.com ↗Patch: helpx.adobe.com ↗

🔴Vulnerability Details

GHSA

GHSA-mm62-qgr2-384q: Adobe Creative Cloud Desktop Application version 5↗2022-05-24

▶

CVEList

Adobe Creative Cloud Arbitrary File Overwrite Vulnerability↗2021-09-27

▶