CVE-2009-3489

HIGH

Adobe Photoshop Elements 8.0 - Incorrect Permission Assignment for Critical Resource in Active File Monitor Service

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2009-3489. PoCs published by bellick, pyrokinesis.

AI-analyzed exploit summary This exploit leverages a service binary path manipulation vulnerability in Adobe Active File Monitor 8.0 to achieve local privilege escalation by reconfiguring the service to execute arbitrary commands.

Description

Adobe Photoshop Elements 8.0 installs the Adobe Active File Monitor V8 service with an insecure security descriptor, which allows local users to (1) stop the service via the stop command, (2) execute arbitrary commands as SYSTEM by using the config command to modify the binPath variable, or (3) restart the service via the start command.

Exploits (2)

exploitdb WORKING POC VERIFIED
by bellick · textlocalwindows
https://www.exploit-db.com/exploits/9988

This exploit leverages a service binary path manipulation vulnerability in Adobe Active File Monitor 8.0 to achieve local privilege escalation by reconfiguring the service to execute arbitrary commands.

Classification
Working Poc 100%
Attack Type
Lpe
Complexity
Trivial
Reliability
Reliable
Target: Adobe Active File Monitor 8.0
Auth required
Prerequisites: local interactive access · Adobe Active File Monitor 8.0 installed
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by pyrokinesis · textlocalwindows
https://www.exploit-db.com/exploits/9807

This exploit leverages an improper security descriptor in the Adobe Active File Monitor V8 service to allow local privilege escalation. A limited user can stop the service, modify its binary path to execute arbitrary commands, and restart it to gain SYSTEM privileges.

Classification
Working Poc 100%
Attack Type
Lpe
Complexity
Trivial
Reliability
Reliable
Target: Adobe Photoshop Elements 8.0
Auth required
Prerequisites: Local access to the system · User account with limited privileges · Adobe Photoshop Elements 8.0 installed
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (7)

Core 7
Core References
Broken Link, Exploit, Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/36542
Permissions Required vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2009/2798
Broken Link, Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/506806/100/0/threaded
Broken Link, Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1022963
Broken Link, Exploit x_refsource_misc
http://retrogod.altervista.org/9sg_adobe_pe_local.html
Broken Link third-party-advisory x_refsource_secunia
http://secunia.com/advisories/36895

Scores

CVSS v3 7.8
EPSS 0.0195
EPSS Percentile 77.7%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-732
Status published
Products (1)
adobe/photoshop_elements 8.0
Published Sep 30, 2009
Tracked Since Feb 18, 2026