Creative Cloud Desktop Application Security Vulnerabilities and Issues — Creative Cloud Desktop Application CVE List

AdobeCreative Cloud Desktop Application

14 matches found

CVE•added 2022/02/16 4:38 p.m.•243 views

CVE-2022-23202

CVE-2022-23202 affects Adobe Creative Cloud Desktop 2.7.0.13 and earlier. The issue is an Uncontrolled Search Path Element that could allow arbitrary code execution in the context of the current user. Exploitation requires user interaction: the victim must download a malicious DLL and place it in...

7CVSS7.2AI score0.02165EPSS

CVE•added 2024/06/13 11:26 a.m.•158 views

CVE-2024-34116

Adobe Creative Cloud Desktop (Windows/macOS) versions 6.1.0.587 and earlier are affected by an Uncontrolled Search Path Element vulnerability that can allow loading and executing malicious libraries, potentially resulting in arbitrary file deletion and a security feature bypass. Exploitation requ...

7.1CVSS7AI score0.00298EPSS

CVE•added 2021/03/12 6:11 p.m.•102 views

CVE-2021-21069

CVE-2021-21069 pertains to Adobe Creative Cloud Desktop Application 5.3 and earlier, where a local privilege escalation could let an attacker call installer functions to perform high-privilege actions. Exploitation reportedly requires no user interaction. Affected product details are confirmed ac...

9.3CVSS6.7AI score0.02467EPSS

CVE•added 2020/07/17 12:1 a.m.•84 views

CVE-2020-9682

CVE-2020-9682 affects Adobe Creative Cloud Desktop Application versions 5.1 and earlier. The issue is a symlink vulnerability that could allow arbitrary file-system write. The vulnerability is documented across multiple sources (NVD entry and vendor advisories) with high/severe impact. Remediatio...

10CVSS9.2AI score0.04306EPSS

CVE•added 2021/03/12 6:16 p.m.•81 views

CVE-2021-21078

Summary (CVE-2021-21078) : Adobe Creative Cloud Desktop Application versions 5.3 and earlier are affected by an Unquoted Service Path in CCXProcess that could enable arbitrary code execution in the current user’s process. Exploitation requires user interaction. The issue is documented in the APSB...

6.5CVSS6.8AI score0.01081EPSS

CVE•added 2020/07/16 11:59 p.m.•71 views

CVE-2020-9670

CVE-2020-9670 concerns the Adobe Creative Cloud Desktop Application, affected in versions 5.1 and earlier. The connected documents confirm a symlink vulnerability in this product/component that could allow privilege escalation if exploited. The risk is framed in multiple sources as part of APSB20...

9.8CVSS9.2AI score0.03555EPSS

CVE•added 2021/03/12 6:12 p.m.•69 views

CVE-2021-21068

Adobe Creative Cloud Desktop Application (Windows/macOS) 5.3 and earlier is affected by a file-handling vulnerability that can lead to arbitrary file overwriting. Exploitation requires physical access and user interaction (local/physical vector). Multiple sources indicate broader impact that coul...

6.1CVSS6AI score0.00621EPSS

CVE•added 2020/07/17 12:0 a.m.•67 views

CVE-2020-9671

Adobe Creative Cloud Desktop Application versions 5.1 and earlier contain an insecure file permissions vulnerability (CVE-2020-9671). Exploitation could lead to privilege escalation. Affected product: Adobe Creative Cloud Desktop; root cause: insecure file permissions. Public references in the se...

9.8CVSS9.3AI score0.03999EPSS

CVE•added 2021/09/27 3:42 p.m.•63 views

CVE-2021-28613

Adobe Creative Cloud Desktop Application

7.4CVSS7.1AI score0.00472EPSS

CVE•added 2021/11/18 6:35 p.m.•62 views

CVE-2021-43017

Summary (CVE-2021-43017) Adobe Creative Cloud Desktop installer prior to v5.6 is affected by an application DoS vulnerability. An authenticated attacker with root privileges could cause a denial of service by placing a malicious file on the victim’s local machine, with user interaction required b...

4.2CVSS4.3AI score0.01134EPSS

CVE•added 2021/08/24 6:18 p.m.•61 views

CVE-2021-28594

The CVE-2021-28594 entry concerns Adobe Creative Cloud Desktop Application installer (2.4 and earlier). The vulnerability is an Uncontrolled Search Path Element in the installer, allowing arbitrary code execution in the current user context. Exploitation requires user interaction (victim opens a ...

9.3CVSS7.7AI score0.02689EPSS

CVE•added 2021/11/23 6:3 p.m.•61 views

CVE-2021-43019

Adobe Creative Cloud Desktop/Application installers prior to 5.6 are affected by a local privilege-escalation due to incorrect permissions on resources used by the Setup.exe service. An unauthenticated attacker who can run low-privileged code and has user interaction can escalate to SYSTEM and re...

9.3CVSS7.9AI score0.02109EPSS

CVE•added 2021/09/29 3:45 p.m.•55 views

CVE-2021-28547

Adobe Creative Cloud Desktop for macOS 5.3 and earlier is affected by a local privilege‑escalation vulnerability that could allow a normal user to delete the OOBE directory and gain permissions to directories under administrator authority. Affected component is the installer/OOBE handling; root c...

7.8CVSS7.6AI score0.00503EPSS

CVE•added 2021/08/24 6:18 p.m.•51 views

CVE-2021-28633

Adobe Creative Cloud Desktop Application installer version 2.4 and earlier is affected by an Insecure temporary file creation vulnerability that can lead to arbitrary file overwriting in the user context. Exploitation requires physical interaction. Remediation per APSB21-41 is to update to a newe...

6.1CVSS6.1AI score0.00487EPSS