Race Condition Vulnerability in Adobe Creative Cloud Desktop Application
CVE-2020-3808

5.9MEDIUM

Key Information:

Vendor: Adobe
Status: Creative Cloud Desktop Application
Vendor: CVE Published:; 25 March 2020

Summary

The Creative Cloud Desktop Application is susceptible to a time-of-check to time-of-use (TOCTOU) race condition vulnerability in versions 5.0 and earlier. This issue could be exploited to perform arbitrary file deletion, potentially affecting user data integrity and availability. Users are advised to update to the latest version to mitigate risks associated with this vulnerability.

Affected Version(s)

Creative Cloud Desktop Application Creative Cloud Desktop Application versions

References

https://helpx.adobe.com/security/products/creative-cloud/...

x_refsource_CONFIRM

CVSS V3.1

Score:

5.9

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 25, 2020
Vulnerability Reserved
Dec 17, 2019