CVE-2021-36002

MEDIUM

Adobe Captivate <11.5.5 - Privilege Escalation

Title source: llm

Description

Adobe Captivate version 11.5.5 (and earlier) is affected by an Creation of Temporary File In Directory With Incorrect Permissions vulnerability that could result in privilege escalation in the context of the current user. The attacker must plant a malicious file in a particular location of the victim's machine. Exploitation of this issue requires user interaction in that a victim must launch the Captivate Installer.

References (1)

[Patch, Vendor Advisory] https://helpx.adobe.com/security/products/captivate/apsb21-60.html

Scores

CVSS v3 5.0

EPSS 0.0008

EPSS Percentile 23.8%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N

Classification

CWE

CWE-379 CWE-668

Status published

Affected Products (1)

adobe/captivate < 11.5.5

Timeline

Published Sep 01, 2021

Tracked Since Feb 18, 2026