CVE-2020-3766

HIGH

Adobe Genuine Integrity Service <6.4 - Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2020-3766. PoCs published by hessandrew.

AI-analyzed exploit summary The repository contains only a README with CVE and Adobe security bulletin links, lacking any exploit code or technical details. It appears to be a placeholder or incomplete submission.

Description

Adobe Genuine Integrity Service versions Version 6.4 and earlier have an insecure file permissions vulnerability. Successful exploitation could lead to privilege escalation.

Exploits (1)

nomisec STUB 1 stars

by hessandrew · poc

https://github.com/hessandrew/CVE-2020-3766_APSB20-12

View Code ZIP pw:eip

The repository contains only a README with CVE and Adobe security bulletin links, lacking any exploit code or technical details. It appears to be a placeholder or incomplete submission.

Classification

Stub 90%

Attack Type

Other

Complexity

Trivial

Reliability

Theoretical

Target: Adobe Integrity Service (version unspecified)

No auth needed

devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (2)

Core 2

Core References

Vendor Advisory x_refsource_confirm

https://helpx.adobe.com/security/products/integrity_service/apsb20-12.html

Third Party Advisory, VDB Entry x_refsource_misc

https://www.zerodayinitiative.com/advisories/ZDI-20-372/

Scores

CVSS v3 7.8

EPSS 0.0094

EPSS Percentile 56.4%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-276

Status published

Products (1)

adobe/genuine_integrity_service < 6.4

Published Mar 25, 2020

Tracked Since Feb 18, 2026