CVE-2021-28568

Medium

Adobe Genuine Services version 7.1 (and earlier) is affected by an Insecure file permission vulnerability during installation process. A…

adobe·CWE-379·Published 2021-09-08

CVSS

6.5

EPSS

0.01

KEV

Exploits

cve.orgen

267 chars

Adobe Genuine Services version 7.1 (and earlier) is affected by an Insecure file permission vulnerability during installation process. A local authenticated attacker could leverage this vulnerability to achieve privilege escalation in the context of the current user.

NVDen

267 chars

NVDes

301 chars

Adobe Genuine Services versiones 7.1 (y anteriores), está afectada por una vulnerabilidad de permisos de archivos no Seguros durante el proceso de instalación. Un atacante local autenticado podría aprovechar esta vulnerabilidad para lograr una escalada de privilegios en el contexto del usuario actual

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	6.9	3.4	10.0	AV:L/AC:M/Au:N/C:C/I:C/A:C
3.1	Primary	NVD	6.5	0.6	5.9	CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H