ID CVE-2020-9668
Summary Adobe Genuine Service version 6.6 (and earlier) is affected by an Improper Access control vulnerability when handling symbolic links. An unauthenticated attacker could exploit this to elevate privileges in the context of the current user.
References
Vulnerable Configurations
  • cpe:2.3:a:adobe:genuine_service:*:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:genuine_service:*:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
    cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
CVSS
Base: 6.8 (as of 26-07-2022 - 10:05)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:P/A:P
Last major update 26-07-2022 - 10:05
Published 16-04-2021 - 18:15
Last modified 26-07-2022 - 10:05
Back to Top