Insecure Library Loading Vulnerability in Adobe Creative Cloud Desktop Application
CVE-2019-7093

7.8HIGH

Key Information:

Vendor: Adobe
Status: Creative Cloud Desktop Application (installer)
Vendor: CVE Published:; 24 May 2019

Summary

The Adobe Creative Cloud Desktop Application contains a vulnerability related to insecure library loading, commonly referred to as DLL hijacking. This security flaw affects versions 4.7.0.400 and earlier, allowing attackers to exploit the library loading mechanism. If successfully executed, this vulnerability could enable an unauthorized user to escalate their privileges, leading to potentially serious security implications.

Affected Version(s)

Creative Cloud Desktop Application (installer) 4.7.0.400 and earlier

References

https://helpx.adobe.com/security/products/creative-cloud/...

x_refsource_CONFIRM

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
May 24, 2019
Vulnerability Reserved
Jan 28, 2019