CVE-2021-28623

CWE-379CWE-668Exposure to Wrong Sphere3 documents3 sources
Severity
5.5MEDIUM
EPSS
0.1%
top 65.61%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Adobe Premiere ElementsAdobe Premiere
Timeline
PublishedJun 28
Latest updateMay 24

Description

Adobe Premiere Elements version 5.2 (and earlier) is affected by an insecure temporary file creation vulnerability. An unauthenticated attacker could leverage this vulnerability to call functions against the installer to perform high privileged actions. Exploitation of this issue does not require user interaction.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages2 packages

CVEListV5adobe/premiereunspecified5.2+1

🔴Vulnerability Details

2
GHSA
GHSA-c86x-vfvf-3hm7: Adobe Premiere Elements version 52022-05-24
CVEList
Adobe Premiere Elements Privilege Escalation Vulnerability2021-06-28
CVE-2021-28623 (MEDIUM CVSS 5.5) | Adobe Premiere Elements version 5.2 | cvebase.io