Adobe Genuine Service version 6.6 (and earlier) is affected by an Uncontrolled Search Path element vulnerability. An authenticated attacker with admin privileges could plant custom binaries and execute them with System permissions. Exploitation of this issue requires user interaction.
References
Link | Resource |
---|---|
https://helpx.adobe.com/security/products/integrity_service/apsb20-42.html | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
28 Jun 2021, 20:10
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 6.9
v3 : 6.5 |
28 Jun 2021, 13:15
Type | Values Removed | Values Added |
---|---|---|
Summary | Adobe Genuine Service version 6.6 (and earlier) is affected by an Uncontrolled Search Path element vulnerability. An authenticated attacker with admin privileges could plant custom binaries and execute them with System permissions. Exploitation of this issue requires user interaction. |
22 Apr 2021, 00:10
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:adobe:genuine_service:*:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:* |
|
CWE | CWE-427 | |
References | (MISC) https://helpx.adobe.com/security/products/integrity_service/apsb20-42.html - Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : 6.9
v3 : 7.8 |
16 Apr 2021, 18:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-04-16 18:15
Updated : 2023-12-10 13:55
NVD link : CVE-2020-9667
Mitre link : CVE-2020-9667
CVE.ORG link : CVE-2020-9667
JSON object : View
Products Affected
adobe
- genuine_service
microsoft
- windows
apple
- macos
CWE
CWE-427
Uncontrolled Search Path Element