Lucene search
China National Vulnerability DatabaseCNVD-2022-15925HistoryFeb 18, 2022 - 12:00 a.m.
Adobe Creative Cloud Desktop Uncontrolled Search Path Element Vulnerability
2022-02-1800:00:00
China National Vulnerability Database
www.cnvd.org.cn
16
0.001 Low
EPSS
Percentile
36.8%
Adobe Creative Cloud Desktop Application is a suite of applications from Adobe for managing applications and services in the Creative Cloud Member Management Center. The application supports synchronizing and sharing files, managing fonts, and accessing a library of assets for commercial photography and design.Adobe Creative Cloud Desktop 2.7.0.13 and earlier versions are vulnerable to uncontrolled search path elements. An attacker could exploit the vulnerability to execute arbitrary code (the victim user must download the malicious DLL file, which needs to be in the same folder as the installer, making it a highly sophisticated attack vector).
| CPE | Name | Operator | Version |
|---|---|---|---|
| Adobe Creative Cloud Desktop <= 2. | eq | 7.0.13 |
Related
cve
cve
CVE-2022-23202
2022-02-16 17:15:12
prion
prion
Path traversal
2022-02-16 17:15:00
nvd
nvd
CVE-2022-23202
2022-02-16 17:15:12
nessus
nessus
Adobe Creative Cloud Desktop Arbitrary Code Execution (APSB22-11)
2022-02-11 00:00:00
cvelist
cvelist
adobe
adobe
APSB22-11 : Security update available for Adobe Creative Cloud Desktop
2022-02-08 00:00:00
malwarebytes
malwarebytes
Update now! Firefox and Adobe updates are more critical than Microsoftβs
2022-02-09 12:10:20