Adobe Creative Cloud DLL Hijacking Local Application Denial of Service
CVE-2021-43017

4.2MEDIUM

Key Information:

Vendor: Adobe
Status: Gocart
Vendor: CVE Published:; 18 November 2021

Summary

Adobe Creative Cloud version 5.5 (and earlier) are affected by an Application denial of service vulnerability in the Creative Cloud Desktop installer. An authenticated attacker with root privileges could leverage this vulnerability to achieve denial of service by planting a malicious file on the victim's local machine. User interaction is required before product installation to abuse this vulnerability.

Affected Version(s)

GoCart <= 5.5

GoCart <= unspecified

References

https://helpx.adobe.com/security/products/creative-cloud/...

x_refsource_MISC

CVSS V3.1

Score:

4.2

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Nov 18, 2021
Vulnerability Reserved
Oct 25, 2021