Adobe Photoshop Elements Privilege Escalation Vulnerability - symbolic link
CVE-2021-28597

6.2MEDIUM

Key Information:

Vendor: Adobe
Status: Photoshop Elements
Vendor: CVE Published:; 28 June 2021

Summary

Adobe Photoshop Elements version 5.2 (and earlier) is affected by an insecure temporary file creation vulnerability. An unauthenticated attacker could leverage this vulnerability to call functions against the installer to perform high privileged actions. Exploitation of this issue does not require user interaction.

Affected Version(s)

Photoshop Elements <= 5.2

Photoshop Elements <= unspecified

References

https://helpx.adobe.com/security/products/photoshop_eleme...

x_refsource_MISC

CVSS V3.1

Score:

6.2

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jun 28, 2021
Vulnerability Reserved
Mar 16, 2021