CVE-2021-28597

Adobe Photoshop Elements version 5.2 (and earlier) is affected by an insecure temporary file creation vulnerability. An unauthenticated attacker could leverage this vulnerability to call functions against the installer to perform high privileged actions. Exploitation of this issue does not require user interaction.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:adobe:photoshop_elements:*:*:*:*:*:*:*:*
OR cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

History

18 Oct 2022, 21:10

Type Values Removed Values Added
CWE CWE-379 CWE-668

02 Jul 2021, 14:34

Type Values Removed Values Added
CWE CWE-379
CVSS v2 : unknown
v3 : unknown
v2 : 2.1
v3 : 5.5
References (MISC) https://helpx.adobe.com/security/products/photoshop_elements/apsb21-46.html - (MISC) https://helpx.adobe.com/security/products/photoshop_elements/apsb21-46.html - Vendor Advisory
CPE cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
cpe:2.3:a:adobe:photoshop_elements:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

28 Jun 2021, 15:15

Type Values Removed Values Added
New CVE

Information

Published : 2021-06-28 15:15

Updated : 2023-12-10 13:55


NVD link : CVE-2021-28597

Mitre link : CVE-2021-28597

CVE.ORG link : CVE-2021-28597


JSON object : View

Products Affected

microsoft

  • windows

apple

  • macos

adobe

  • photoshop_elements
CWE
CWE-668

Exposure of Resource to Wrong Sphere

CWE-379

Creation of Temporary File in Directory with Insecure Permissions