CVE-2021-40708

CWE-3793 documents3 sources
Severity
7.3HIGH
EPSS
5.2%
top 10.09%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Adobe GocartAdobe Genuine Service
Timeline
PublishedSep 29
Latest updateMay 24

Description

Adobe Genuine Service versions 7.3 (and earlier) are affected by a privilege escalation vulnerability in the AGSService installer. An authenticated attacker could leverage this vulnerability to achieve read / write privileges to execute arbitrary code. User interaction is required to abuse this vulnerability.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:HExploitability: 1.3 | Impact: 5.9

Affected Packages2 packages

CVEListV5adobe/gocartunspecified7.3+1

🔴Vulnerability Details

2
GHSA
GHSA-4c7q-995f-pxpc: Adobe Genuine Service versions 72022-05-24
CVEList
Adobe Genuine Service Installer Privilege Escalation Vulnerability2021-09-29
CVE-2021-40708 (HIGH CVSS 7.3) | Adobe Genuine Service versions 7.3 | cvebase.io