ID CVE-2021-28568
Summary Adobe Genuine Services version 7.1 (and earlier) is affected by an Insecure file permission vulnerability during installation process. A local authenticated attacker could leverage this vulnerability to achieve privilege escalation in the context of the current user.
References
Vulnerable Configurations
  • cpe:2.3:a:adobe:genuine_service:7.1:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:genuine_service:7.1:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
    cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
CVSS
Base: 6.9 (as of 14-09-2021 - 17:38)
Impact:
Exploitability:
CWE CWE-379
CAPEC
Access
VectorComplexityAuthentication
LOCAL MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:L/AC:M/Au:N/C:C/I:C/A:C
Last major update 14-09-2021 - 17:38
Published 08-09-2021 - 17:15
Last modified 14-09-2021 - 17:38
Back to Top