What is CVE-2021-28633?

CVE-2021-28633 is a medium-severity vulnerability in Adobe Creative Cloud (Desktop Component), classified under Creation of Temporary File in Directory with Insecure Permissions. CVSS score: 6.1/10. Published 2021-08-24.

How severe is CVE-2021-28633?

Medium severity. CVSS v3 base score is 6.1 out of 10.

Vulnerability in Adobe Creative Cloud (Desktop Component)

CVE-2021-28633

Adobe Creative Cloud Desktop Application (installer) version 2.4 (and earlier) is affected by an Insecure temporary file creation vulnerability. An attacker could leverage this vulnerability to cause arbitrary file overwriting in the conte…

EPSS: 0.001 (27.3th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.1 (Medium). Vector: CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H.

Affected products

Adobe Creative Cloud (Desktop Component) — versions unspecified

Weakness classification (CWE)

CWE-379 — Creation of Temporary File in Directory with Insecure Permissions

References

helpx.adobe.com/security/products/creative-cloud/apsb21-41.html (x_refsource_MISC)

Frequently asked questions

What is CVE-2021-28633?: CVE-2021-28633 is a medium-severity vulnerability in Adobe Creative Cloud (Desktop Component), classified under Creation of Temporary File in Directory with Insecure Permissions. CVSS score: 6.1/10. Published 2021-08-24.
How severe is CVE-2021-28633?: Medium severity. CVSS v3 base score is 6.1 out of 10.