Race Condition Vulnerability in Adobe Creative Cloud Desktop Application
CVE-2020-3808

5.9MEDIUM

Key Information:

Vendor: Adobe
Status: Creative Cloud Desktop Application
Vendor: CVE Published:; 25 March 2020

What is CVE-2020-3808?

The Creative Cloud Desktop Application is susceptible to a time-of-check to time-of-use (TOCTOU) race condition vulnerability in versions 5.0 and earlier. This issue could be exploited to perform arbitrary file deletion, potentially affecting user data integrity and availability. Users are advised to update to the latest version to mitigate risks associated with this vulnerability.

Affected Version(s)

Creative Cloud Desktop Application Creative Cloud Desktop Application versions

References

https://helpx.adobe.com/security/products/creative-cloud/...

x_refsource_CONFIRM

CVSS V3.1

Score:

5.9

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 25, 2020
Vulnerability Reserved
Dec 17, 2019