Privilege Escalation Vulnerability in Adobe RoboHelp
CVE-2021-21070

6.5MEDIUM

Key Information:

Vendor: Adobe
Status: Robohelp
Vendor: CVE Published:; 19 April 2021

Summary

Adobe Robohelp version 2020.0.3 (and earlier) is affected by an uncontrolled search path element vulnerability that could lead to privilege escalation. An attacker with admin permissions to write to the file system could leverage this vulnerability to escalate privileges.

Affected Version(s)

RoboHelp <= 2020.0.3

RoboHelp <= unspecified

References

https://helpx.adobe.com/security/products/robohelp/apsb21...

x_refsource_MISC

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Apr 19, 2021
Vulnerability Reserved
Dec 18, 2020