Bulletin ID
Security update available for Adobe Creative Cloud Desktop Application | APSB21-31
|
Date Published |
Priority |
---|---|---|
ASPB21-31 |
May 11, 2021 |
3 |
Summary
Adobe has released an update for the Creative Cloud Desktop Application for Windows. This update includes a fix for a critical vulnerability that could lead to arbitrary code execution in the context of current user.
Affected versions
Product |
Affected version |
Platform |
Creative Cloud Desktop Application |
5.3 and earlier version |
Windows |
Solution
Adobe categorizes this update with the following priority rating and recommends users update their installation to the newest version:
Product |
Updated version |
Platform |
Priority rating |
Availability |
Creative Cloud Desktop Application (CCLibrary.exe) |
5.4.3 (3.12.11.1) |
Windows |
3 |
Vulnerability Details
Vulnerability Category |
Vulnerability Impact |
Severity |
CVE Numbers |
---|---|---|---|
Uncontrolled Search Path Element |
Privilege escalation |
Critical |
CVE-2021-28581 |
Acknowledgments
Adobe would like to thank Xavier DANEST for reporting this issue and for working with Adobe to help protect our customers.