CVSS: 9.3EPSS: 0%CPEs: 3EXPL: 0CVE-2021-21069 – Adobe Creative Cloud Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-21069
Adobe Creative Cloud Desktop Application version 5.3 (and earlier) is affected by a local privilege escalation vulnerability that could allow an attacker to call functions against the installer to perform high privileged actions. Exploitation of this issue does not require user interaction. Adobe Creative Cloud Desktop Application versiones 5.3 (y anteriores), está afectada por una vulnerabilidad de escalada de privilegios local que podría permitir a un atacante llamar funciones contra el instalador para llevar a cabo acciones con altos privilegios. Una explotación de este problema no requiere una interacción del usuario This vulnerability allows local attackers to escalate privileges on affected installations of Adobe Creative Cloud on Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Adobe privileged helper tool. • https://helpx.adobe.com/security/products/creative-cloud/apsb21-18.html https://www.zerodayinitiative.com/advisories/ZDI-21-281 • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2020-9682
https://notcve.org/view.php?id=CVE-2020-9682
Adobe Creative Cloud Desktop Application versions 5.1 and earlier have a symlink vulnerability vulnerability. Successful exploitation could lead to arbitrary file system write. Adobe Creative Cloud Desktop Application versiones 5.1 y anteriores, presentan una vulnerabilidad de enlace simbólico. Una explotación con éxito podría conllevar a una escritura arbitraria del sistema de archivos • https://helpx.adobe.com/security/products/creative-cloud/apsb20-33.html • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2020-9671
https://notcve.org/view.php?id=CVE-2020-9671
Adobe Creative Cloud Desktop Application versions 5.1 and earlier have an insecure file permissions vulnerability. Successful exploitation could lead to privilege escalation. Adobe Creative Cloud Desktop Application versiones 5.1 y anteriores, presentan una vulnerabilidad de permisos de archivos no seguros. Una explotación con éxito podría conllevar a una escalada de privilegios • https://helpx.adobe.com/security/products/creative-cloud/apsb20-33.html • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2020-9670
https://notcve.org/view.php?id=CVE-2020-9670
Adobe Creative Cloud Desktop Application versions 5.1 and earlier have a symlink vulnerability vulnerability. Successful exploitation could lead to privilege escalation. Adobe Creative Cloud Desktop Application versiones 5.1 y anteriores, presentan una vulnerabilidad de vulnerabilidad de enlace simbólico. Una explotación con éxito podría conllevar a una escalada de privilegios • https://helpx.adobe.com/security/products/creative-cloud/apsb20-33.html • CWE-59: Improper Link Resolution Before File Access ('Link Following') •