What is CVE-2021-28581?

CVE-2021-28581 is a high-severity vulnerability in Adobe Creative Cloud (Desktop Component), classified under Uncontrolled Search Path Element. CVSS score: 7.3/10. Published 2021-09-08.

How severe is CVE-2021-28581?

High severity. CVSS v3 base score is 7.3 out of 10.

Vulnerability in Adobe Creative Cloud (Desktop Component)

CVE-2021-28581

Adobe Creative Cloud Desktop 3.5 (and earlier) is affected by an uncontrolled search path vulnerability that could result in elevation of privileges. Exploitation of this issue requires user interaction in that a victim must log on to the…

EPSS: 0.002 (48.0th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.3 (High). Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H.

Affected products

Adobe Creative Cloud (Desktop Component) — versions unspecified

Weakness classification (CWE)

CWE-427 — Uncontrolled Search Path Element

References

helpx.adobe.com/security/products/creative-cloud/apsb21-31.html (x_refsource_MISC)

Frequently asked questions

What is CVE-2021-28581?: CVE-2021-28581 is a high-severity vulnerability in Adobe Creative Cloud (Desktop Component), classified under Uncontrolled Search Path Element. CVSS score: 7.3/10. Published 2021-09-08.
How severe is CVE-2021-28581?: High severity. CVSS v3 base score is 7.3 out of 10.