Adobe Creative Cloud Incorrect Permission Assignment Privilege Escalation Vulnerability

Adobe Creative Cloud version 5.5 (and earlier) are affected by a privilege escalation vulnerability in the resources leveraged by the Setup.exe service. An unauthenticated attacker could leverage this vulnerability to remove files and escalate privileges under the context of SYSTEM . An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability on the product installer. User interaction is required before product installation to abuse this vulnerability.

N/A

关键资源的不正确权限授予

Adobe Creative Cloud Desktop Application 访问控制错误漏洞

Adobe Creative Cloud Desktop Application是美国奥多比（Adobe）公司的一套用于在Creative云会员管理中心管理应用程序和服务的应用程序。该程序支持同步和共享文件、管理字体以及访问商业摄影和设计的资产库。 Adobe Creative Cloud Desktop Application 存在访问控制错误漏洞，未经身份验证的攻击者可以利用此漏洞在 SYSTEM 上下文中删除文件并提升权限。攻击者必须首先获得在目标系统上执行低特权代码的能力，才能在产品安装程序上利用

N/A

N/A