CVE-2021-21069

Adobe Creative Cloud Desktop Application version 5.3 (and earlier) is affected by a local privilege escalation vulnerability that could allow an attacker to call functions against the installer to perform high privileged actions. Exploitation of this issue does not require user interaction.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:adobe:creative_cloud_desktop_application:*:*:*:*:*:*:*:*
OR cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

History

07 Nov 2023, 03:29

Type Values Removed Values Added
CVSS v2 : 9.3
v3 : 7.8
v2 : 9.3
v3 : unknown

08 Sep 2021, 17:23

Type Values Removed Values Added
CPE cpe:2.3:o:apple:mac_os:-:*:*:*:*:*:*:* cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*

18 Mar 2021, 19:36

Type Values Removed Values Added
References (MISC) https://www.zerodayinitiative.com/advisories/ZDI-21-281/ - (MISC) https://www.zerodayinitiative.com/advisories/ZDI-21-281/ - Third Party Advisory
References (MISC) https://helpx.adobe.com/security/products/creative-cloud/apsb21-18.html - (MISC) https://helpx.adobe.com/security/products/creative-cloud/apsb21-18.html - Patch, Vendor Advisory
CPE cpe:2.3:a:adobe:creative_cloud_desktop_application:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os:-:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : 7.8
v2 : 9.3
v3 : 7.8

15 Mar 2021, 10:15

Type Values Removed Values Added
References
  • (MISC) https://www.zerodayinitiative.com/advisories/ZDI-21-281/ -

12 Mar 2021, 19:23

Type Values Removed Values Added
New CVE

Information

Published : 2021-03-12 19:15

Updated : 2023-12-10 13:41


NVD link : CVE-2021-21069

Mitre link : CVE-2021-21069

CVE.ORG link : CVE-2021-21069


JSON object : View

Products Affected

adobe

  • creative_cloud_desktop_application

microsoft

  • windows

apple

  • macos
CWE
CWE-20

Improper Input Validation