Command Injection Vulnerability in Adobe Download Manager
CVE-2020-9688

7.8HIGH

Key Information:

Vendor: Adobe
Status: Adobe Download Manager
Vendor: CVE Published:; 17 July 2020

What is CVE-2020-9688?

Adobe Download Manager version 2.0.0.518 is affected by a command injection vulnerability that could allow an attacker to execute arbitrary code. This exploitation could occur without proper access controls, posing significant risks to users who utilize this application for managing downloads. Vigilant security practices and prompt updates are crucial to mitigate potential threats stemming from this vulnerability.

Affected Version(s)

Adobe Download Manager version 2.0.0.518

References

https://helpx.adobe.com/security/products/adm/apsb20-49.html

x_refsource_CONFIRM

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 17, 2020
Vulnerability Reserved
Mar 2, 2020