Insecure Library Loading Vulnerability in Adobe Lightroom
CVE-2020-9724

7.8HIGH

Key Information:

Vendor: Adobe
Status: Adobe Lightroom
Vendor: CVE Published:; 19 August 2020

Summary

Adobe Lightroom versions 9.2.0.10 and earlier are susceptible to an insecure library loading vulnerability, which could potentially allow an attacker to perform privilege escalation. This flaw arises from the application’s inadequate validation of library files, enabling malicious actors to manipulate library loading processes for unauthorized access.

Affected Version(s)

Adobe Lightroom 9.2.0.10 and earlier versions

References

https://helpx.adobe.com/security/products/lightroom/apsb2...

x_refsource_CONFIRM

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Aug 19, 2020
Vulnerability Reserved
Mar 2, 2020