Privilege Escalation Vulnerability in Adobe Creative Cloud Setup.exe Service

Privilege Escalation Vulnerability in Adobe Creative Cloud Setup.exe Service

CVE-2021-43019 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Adobe Creative Cloud version 5.5 (and earlier) are affected by a privilege escalation vulnerability in the resources leveraged by the Setup.exe service. An unauthenticated attacker could leverage this vulnerability to remove files and escalate privileges under the context of SYSTEM . An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability on the product installer. User interaction is required before product installation to abuse this vulnerability.

Learn more about our Cloud Audit.