CVE-2021-28633
MEDIUMAdobe Creative Cloud Desktop Application < 2.4 - Arbitrary File Overwrite via Insecure Temporary File Creation
Title source: llmDescription
Adobe Creative Cloud Desktop Application (installer) version 2.4 (and earlier) is affected by an Insecure temporary file creation vulnerability. An attacker could leverage this vulnerability to cause arbitrary file overwriting in the context of the current user. Exploitation of this issue requires physical interaction to the system.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_misc
https://helpx.adobe.com/security/products/creative-cloud/apsb21-41.html
Scores
CVSS v3
6.1
EPSS
0.0047
EPSS Percentile
37.0%
Attack Vector
PHYSICAL
CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
Details
CWE
CWE-379
CWE-668
Status
published
Products (1)
adobe/creative_cloud_desktop_application
< 2.4
Published
Aug 24, 2021
Tracked Since
Feb 18, 2026