DATABASE RESOURCES PRICING ABOUT US

{"id": "CVE-2020-9667", "vendorId": null, "type": "cve", "bulletinFamily": "NVD", "title": "CVE-2020-9667", "description": "Adobe Genuine Service version 6.6 (and earlier) is affected by an Uncontrolled Search Path element vulnerability. An authenticated attacker with admin privileges could plant custom binaries and execute them with System permissions. Exploitation of this issue requires user interaction.", "published": "2021-04-16T18:15:00", "modified": "2021-06-28T20:10:00", "epss": [{"cve": "CVE-2020-9667", "epss": 0.00057, "percentile": 0.21598, "modified": "2023-12-06"}], "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "accessVector": "LOCAL", "accessComplexity": "MEDIUM", "authentication": "NONE", "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "baseScore": 6.9}, "severity": "MEDIUM", "exploitabilityScore": 3.4, "impactScore": 10.0, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}, "cvss3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM"}, "exploitabilityScore": 0.6, "impactScore": 5.9}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-9667", "reporter": "psirt@adobe.com", "references": ["https://helpx.adobe.com/security/products/integrity_service/apsb20-42.html"], "cvelist": ["CVE-2020-9667"], "immutableFields": [], "lastseen": "2023-12-06T16:49:47", "viewCount": 42, "enchantments": {"dependencies": {"references": [{"type": "adobe", "idList": ["APSB20-42"]}, {"type": "prion", "idList": ["PRION:CVE-2020-9667"]}, {"type": "threatpost", "idList": ["THREATPOST:C22F1F8B7AB3041436E903528767C174"]}]}, "score": {"value": 7.4, "uncertanity": 0.1, "vector": "NONE"}, "twitter": {"counter": 3, "modified": "2021-04-17T09:49:47", "tweets": [{"link": "https://twitter.com/SecRiskRptSME/status/1383685907291676673", "text": "RT:\n\nCVE-2020-9667 Adobe Genuine Service version 6.6 (and earlier) is affected by an Uncontrolled Search Path element vulnerability. An authenticated attacker could exploit this to to plant custom binaries and execute them with System permissions. Exploitati... \u2026"}, {"link": "https://twitter.com/SecRiskRptSME/status/1383685907291676673", "text": "RT:\n\nCVE-2020-9667 Adobe Genuine Service version 6.6 (and earlier) is affected by an Uncontrolled Search Path element vulnerability. An authenticated attacker could exploit this to to plant custom binaries and execute them with System permissions. Exploitati... \u2026"}, {"link": "https://twitter.com/DarkEagleCyber/status/1385336115087896580", "text": "CVE-2020-9667 (genuine_service) https://t.co/zSmutfC9hZ?amp=1"}]}, "backreferences": {"references": [{"type": "adobe", "idList": ["APSB20-42"]}, {"type": "threatpost", "idList": ["THREATPOST:C22F1F8B7AB3041436E903528767C174"]}]}, "exploitation": null, "affected_software": {"major_version": [{"name": "adobe genuine service", "version": 6}]}, "epss": [{"cve": "CVE-2020-9667", "epss": 0.00057, "percentile": 0.21634, "modified": "2023-05-07"}], "short_description": "Adobe Genuine Svc v6.6 Uncontrolled Search Path vulnerabilit", "tags": ["cve-2020-9667", "adobe", "genuine service", "uncontrolled search path", "vulnerability", "nvd"], "vulnersScore": 7.4}, "_state": {"dependencies": 1701882658, "score": 1701881981, "affected_software_major_version": 0, "epss": 0, "chatgpt": 0}, "_internal": {"score_hash": "6b57fa772002fc6e0a061270ca826e1c", "chatgpt": "bcd8b0c2eb1fce714eab6cef0d771acc"}, "cna_cvss": {"cna": "adobe", "cvss": {"3": {"vector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H", "score": 6.5}}}, "cpe": ["cpe:/a:adobe:genuine_service:6.6"], "cpe23": ["cpe:2.3:a:adobe:genuine_service:6.6:*:*:*:*:*:*:*"], "cwe": ["CWE-427"], "affectedSoftware": [{"cpeName": "adobe:genuine_service", "version": "6.6", "operator": "le", "name": "adobe genuine service"}], "affectedConfiguration": [{"name": "apple macos", "cpeName": "apple:macos", "version": "-", "operator": "eq"}, {"name": "microsoft windows", "cpeName": "microsoft:windows", "version": "-", "operator": "eq"}], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"operator": "AND", "children": [{"operator": "OR", "children": [], "cpe_match": [{"vulnerable": true, "cpe23Uri": "cpe:2.3:a:adobe:genuine_service:6.6:*:*:*:*:*:*:*", "versionEndIncluding": "6.6", "cpe_name": []}]}, {"operator": "OR", "children": [], "cpe_match": [{"vulnerable": false, "cpe23Uri": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": false, "cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "cpe_name": []}]}], "cpe_match": []}]}, "extraReferences": [{"url": "https://helpx.adobe.com/security/products/integrity_service/apsb20-42.html", "name": "https://helpx.adobe.com/security/products/integrity_service/apsb20-42.html", "refsource": "MISC", "tags": ["Vendor Advisory"]}], "product_info": [{"vendor": "Adobe", "product": "GoCart"}], "solutions": [], "workarounds": [], "impacts": [], "problemTypes": [{"descriptions": [{"cweId": "CWE-427", "description": "Uncontrolled Search Path Element (CWE-427)", "lang": "en", "type": "CWE"}]}], "exploits": [], "assigned": "2020-03-02T00:00:00"}

{"prion": [{"lastseen": "2023-11-22T01:49:53", "description": "Adobe Genuine Service version 6.6 (and earlier) is affected by an Uncontrolled Search Path element vulnerability. An authenticated attacker with admin privileges could plant custom binaries and execute them with System permissions. Exploitation of this issue requires user interaction.", "cvss3": {"exploitabilityScore": 0.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-04-16T18:15:00", "type": "prion", "title": "Path traversal", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-9667"], "modified": "2021-06-28T20:10:00", "id": "PRION:CVE-2020-9667", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2020-9667", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}], "adobe": [{"lastseen": "2021-09-30T17:39:46", "description": "Adobe has released updates for the Adobe Genuine Service for Windows and macOS. This update resolves [important]() vulnerabilities which could lead to privilege escalation in the context of the current user. \n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-07-14T00:00:00", "type": "adobe", "title": "APSB20-42 Security\u202fupdate available\u202ffor Adobe Genuine Service", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-9667", "CVE-2020-9668", "CVE-2020-9681"], "modified": "2020-07-14T00:00:00", "id": "APSB20-42", "href": "https://helpx.adobe.com/security/products/integrity_service/apsb20-42.html", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}], "threatpost": [{"lastseen": "2020-10-15T22:16:47", "description": "Adobe has released its scheduled July 2020 security updates, covering flaws in five different product areas: Creative Cloud Desktop; Media Encoder; Download Manager; Genuine Service; and ColdFusion.\n\nFour of the bugs are rated critical in severity, with the others ranked as important. Most of the important flaws involve privilege escalation, with the critical bugs opening the door to more dangerous attacks.\n\n[](<https://threatpost.com/newsletter-sign/>)\n\n\u201cUpdates to both Adobe Download Manager and Media Encoder address critical vulnerabilities (CVE-2020-9688, 9646, and 9650) that could lead to arbitrary code execution,\u201d Justin Knapp, product marketing manager at Automox, told Threatpost. \u201cThe fourth critical vulnerability (CVE-2020-9682) impacts Creative Cloud Desktop, and if exploited, could allow an attacker to create or modify files.\u201d\n\n**Creative Cloud Desktop**\n\nAdobe has [released patches](<https://helpx.adobe.com/security/products/creative-cloud/apsb20-33.html>) for four different flaws in its Creative Cloud Desktop Application for Windows, including a critical flaw allowing arbitrary file system writes.\n\nCreative Cloud is a suite of apps and services for creating and processing video, design, photography and web art. Affected versions of the product include Creative Cloud Desktop Application 5.1 and earlier, Adobe noted in its scheduled monthly security update on Tuesday.\n\nThe critical flaw is a symbolic link (symlink) vulnerability (CVE-2020-9682) that could allow an attacker with a successful exploit to create or modify a file in a location they could not normally access. Symlinks are shortcuts to other files.\n\n\u201cWhile this is a critical vulnerability, Adobe has ranked it a 2, which means these systems could be at an increased risk based on past history, then again for this particular vulnerability there are no current known exploits,\u201d said Jimmy Graham, senior director of product management, after reviewing the advisory.\n\nThe patches also address three important-rated security bugs, all of which could lead to privilege escalation in the context of the current user. The bug tracked as CVE-2020-9669 is caused due to a lack of exploit mitigations; CVE-2020-9671 is caused via insecure file permissions; and CVE-2020-9670 is another, less severe symlink vulnerability.\n\nAcknowledgements for finding the flaws went to Xavier Danest of Decathlon (CVE-2020-9671); and Zhongcheng Li of Topsec Alpha Team (CVE-2020-9669, CVE-2020-9670 and CVE-2020-9682).\n\n**Media Encoder**\n\nAdobe also released [an update](<https://helpx.adobe.com/security/products/media-encoder/apsb20-36.html>) for Adobe Media Encoder for Windows, 14.2 and earlier versions. Media Encoder is part of Adobe\u2019s video-editing suite and is responsible for converting video files to the proper format to ensure they play well on different kinds of devices.\n\nThe advisory addresses two critical out-of-bounds write bugs (CVE-2020-9650 and CVE-2020-9646) that could lead to arbitrary code execution; and an important out-of-bound read (CVE-2020-9649) that could allow information disclosure in the context of the current user.\n\n\u201cOn its own, arbitrary code-execution exploits are limited in scope to the privilege of the affected process, but when combined with privilege escalation vulnerabilities it can allow an attacker to quickly escalate a process\u2019s privileges and execute code on the target system giving the attacker full control over the device,\u201d Knapp said.\n\nAdobe credited the Trend Micro Zero Day Initiative for reporting the issues.\n\n**Download Manager**\n\nAlso among the security fixes is [a patch](<https://helpx.adobe.com/security/products/adm/apsb20-49.html>) for a critical vulnerability that could lead to arbitrary code-execution in Adobe Download Manager for Windows. The bug (CVE-2020-9688) affects version 2.0.0.518 of the platform.\n\nThe issue allows for command injection if exploited, which could ultimately open the door to arbitrary code-execution.\n\nSecurity researcher Dhiraj Mishra (@RandomDhiraj) reported the issue.\n\n**Genuine Service**\n\nThe Adobe Genuine Service for Windows and macOS meanwhile, which periodically validates already-installed Adobe software to root out incorrect and invalid licenses, and pirated software, has three important vulnerabilities.\n\nThese could all lead to privilege escalation in the context of the current user. They include two insecure library loading bugs (CVE-2020-9667 and CVE-2020-9681); and one is a result of the mishandling of symlinks (CVE-2020-9668)\n\nThey affect Genuine Service versions 6.6 and earlier versions, according to [Adobe\u2019s update](<https://helpx.adobe.com/security/products/integrity_service/apsb20-42.html>).\n\nAdobe credited Adrian Denkiewicz from CQURE (CVE-2020-9667) and Topsec Alpha Team\u2019s Li (CVE-2020-9668, CVE-2020-9681) for the finds.\n\n**Adobe ColdFusion**\n\nAnd finally, Adobe [also released](<https://helpx.adobe.com/security/products/integrity_service/apsb20-42.html>) patches for multiple important vulnerabilities in ColdFusion versions 2016 (Update 15 and earlier) and 2018 (Update 9 and earlier). ColdFusion is the vendor\u2019s popular platform for building and deploying web and mobile applications.\n\nTwo CVEs cover flaws allowing DLL search-order hijacking, leading to privilege escalation (CVE-2020-9672 and CVE-2020-9673). The bugs were reported by Nuttakorn Tungpoonsup and Ammarit Thongthua of the Secure D Center Research Team, along with Sittikorn Sangrattanapitak, an independent cybersecurity researcher.\n\nThe July patch update is light compared to [Adobe\u2019s usual slew of monthly security fixes](<https://helpx.adobe.com/security/products/integrity_service/apsb20-42.html>), but that may be because the company issued an out-of-band update for 18 critical vulnerabilities in mid-June. These impacted a [raft of key products](<https://helpx.adobe.com/security/products/integrity_service/apsb20-42.html>), including Adobe After Effects, Illustrator, Premiere Pro, Premiere Rush and Audition. With successful exploits, the flaws would allow attackers to execute arbitrary code.\n\n\u201cThe Adobe bulletin list for this month is pretty light and none of the more high-profile targets are included,\u201d Chris Goettl, director of product management for security at Ivanti, told Threatpost. \u201cFlash player has a release as well, but it is not security-related. Adobe Acrobat and Reader were updated in May so it is likely we will see the due for some attention in the August patch cycle.\u201d\n\nAs for July\u2019s updates, administrators should nonetheless prioritize applying the patches ASAP, Knapp said.\n\n\u201cWith the average organization taking 107 days to patch a new vulnerability, it is likely that there are now many organizations with both arbitrary code-execution and privilege-escalation vulnerabilities present on corporate devices that could create a perfect storm for attackers to exploit,\u201d he told Threatpost.\n\n**_BEC and enterprise email fraud is surging, but DMARC can help \u2013 if it\u2019s done right. On July 15 at 2 p.m. ET, join Valimail Global Technical Director Steve Whittle and Threatpost for a _**[**_FREE webinar_**](<https://helpx.adobe.com/security/products/integrity_service/apsb20-42.html>)**_, \u201cDMARC: 7 Common Business Email Mistakes.\u201d This technical \u201cbest practices\u201d session will cover constructing, configuring, and managing email authentication protocols to ensure your organization is protected. _**[**_Click here to register_**](<https://helpx.adobe.com/security/products/integrity_service/apsb20-42.html>)**_ for this Threatpost webinar, sponsored by Valimail._**\n", "cvss3": {}, "published": "2020-07-14T17:02:03", "type": "threatpost", "title": "Adobe Discloses Critical Code-Execution Bugs in July Update", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2020-24400", "CVE-2020-24407", "CVE-2020-9646", "CVE-2020-9649", "CVE-2020-9650", "CVE-2020-9667", "CVE-2020-9668", "CVE-2020-9669", "CVE-2020-9670", "CVE-2020-9671", "CVE-2020-9672", "CVE-2020-9673", "CVE-2020-9681", "CVE-2020-9682", "CVE-2020-9688"], "modified": "2020-07-14T17:02:03", "id": "THREATPOST:C22F1F8B7AB3041436E903528767C174", "href": "https://threatpost.com/adobe-critical-code-execution-bugs-july/157420/", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}