Insecure Library Loading Vulnerability in Adobe Creative Cloud Desktop Application
CVE-2018-5003
7.8HIGH
Key Information:
- Vendor
- Adobe
- Vendor
- CVE Published:
- 29 August 2018
Summary
The Adobe Creative Cloud Desktop Application prior to version 4.5.5.342 contains a vulnerability that allows insecure library loading, commonly referred to as DLL hijacking. This issue can be exploited by attackers to execute unofficial libraries, potentially leading to a privilege escalation scenario. Users are advised to update to the latest version to mitigate the risk associated with this vulnerability.
Affected Version(s)
Adobe Creative Cloud Desktop Application before 4.5.5.342 Adobe Creative Cloud Desktop Application before 4.5.5.342
References
CVSS V3.1
Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved