CVE-2021-28633

Adobe Creative Cloud Desktop Application (installer) version 2.4 (and earlier) is affected by an Insecure temporary file creation vulnerability. An attacker could leverage this vulnerability to cause arbitrary file overwriting in the context of the current user. Exploitation of this issue requires physical interaction to the system.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.1 MEDIUM
PHYSICAL
LOW
HIGH
CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
adobeCNA
6.1 MEDIUM
PHYSICAL
LOW
HIGH
CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 28%
VendorProductVersion
adobecreative_cloud_desktop_application
𝑥
≤ 2.4
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://helpx.adobe.com/security/products/creative-cloud/apsb21-41.html
https://helpx.adobe.com/security/products/creative-cloud/apsb21-41.html