Adobe Creative Cloud Incorrect Permission Assignment Privilege Escalation Vulnerability [CVE-2021-43019]
CVE number = CVE-2021-43019
This vulnerability allows local attackers to escalate privileges on affected installations of Adobe Creative Cloud.
An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
The specific flaw exists within the product installer. The issue results from incorrect permissions set on a folder.
An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM.
Adobe has issued an update to correct this vulnerability.
Affected versions
| Product | Affected version | Platform |
| Creative Cloud Desktop Application | 5.5 and earlier version | macOS |
More details can be found at:
https://helpx.adobe.com/security/products/creative-cloud/apsb21-111.html
Duncan is a technology professional with over 20 years experience of working in various IT roles. He has a interest in cyber security, and has a wide range of other skills in radio, electronics and telecommunications.