5 matches found
CVE-2020-9667
Adobe Genuine Service (AGS) 6.6 and earlier is affected by an Uncontrolled Search Path Element vulnerability. An authenticated admin can plant and execute custom binaries with System privileges, with exploitation requiring user interaction. Adobe issued updates (APSB20-42) to address this; update...
CVE-2020-9668
Adobe Genuine Service (AGS) version 6.6 and earlier is affected by an Improper Access Control vulnerability in how it handles symbolic links. An unauthenticated attacker could exploit this to elevate privileges in the context of the current user. The issue aligns with CVE-2020-9668 and is address...
CVE-2020-9681
Adobe Genuine Service (Windows/macOS) up to version 6.6 is affected by an Uncontrolled Search Path vulnerability that could allow an authenticated attacker to rewrite an administrator file and possibly escalate privileges. Exploitation requires user interaction. Connected sources confirm the vuln...
CVE-2021-40708
CVE-2021-40708 affects Adobe Genuine Service (AGSService installer) versions 7.3 and earlier. The root cause is privilege escalation via improper handling of temporary files/permissions, enabling an authenticated attacker to gain read/write access and execute arbitrary code with the current user’...
CVE-2021-28568
Adobe Genuine Services before version 7.1 suffered an insecure file permission during installation that could allow a locally authenticated user to escalate privileges. The issue is a local privilege escalation via an access-control/file-permission flaw within the installation process. Adobe’s ad...