Adobe Genuine Service privilege escalation vulnerability
CVE-2020-9681

6.5MEDIUM

Key Information:

Vendor: Adobe
Status: Gocart
Vendor: CVE Published:; 16 April 2021

What is CVE-2020-9681?

Adobe Genuine Service version 6.6 (and earlier) is affected by an Uncontrolled Search Path element vulnerability. An authenticated attacker could exploit this to rewrite the file of the administrator, which may lead to elevated permissions. Exploitation of this issue requires user interaction.

Affected Version(s)

GoCart <= 6.6

GoCart <= unspecified

References

https://helpx.adobe.com/security/products/integrity_servi...

x_refsource_MISC

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 16, 2021
Vulnerability Reserved
Mar 2, 2020