What is CVE-2021-21078?

CVE-2021-21078 is a medium-severity vulnerability in Adobe Creative Cloud (Desktop Component), classified under Untrusted Search Path. CVSS score: 6.5/10. Published 2021-03-12.

How severe is CVE-2021-21078?

Medium severity. CVSS v3 base score is 6.5 out of 10.

Vulnerability in Adobe Creative Cloud (Desktop Component)

CVE-2021-21078

Adobe Creative Cloud Desktop Application version 5.3 (and earlier) is affected by an Unquoted Service Path vulnerability in CCXProcess that could allow an attacker to achieve arbitrary code execution in the process of the current user. Exp…

EPSS: 0.003 (49.5th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.5 (Medium). Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H.

Affected products

Adobe Creative Cloud (Desktop Component) — versions unspecified

Weakness classification (CWE)

CWE-426 — Untrusted Search Path

References

helpx.adobe.com/security/products/creative-cloud/apsb21-18.html (x_refsource_MISC)

Frequently asked questions

What is CVE-2021-21078?: CVE-2021-21078 is a medium-severity vulnerability in Adobe Creative Cloud (Desktop Component), classified under Untrusted Search Path. CVSS score: 6.5/10. Published 2021-03-12.
How severe is CVE-2021-21078?: Medium severity. CVSS v3 base score is 6.5 out of 10.