Headline

CVE-2021-28623: Adobe Security Bulletin

Adobe Premiere Elements version 5.2 (and earlier) is affected by an insecure temporary file creation vulnerability. An unauthenticated attacker could leverage this vulnerability to call functions against the installer to perform high privileged actions. Exploitation of this issue does not require user interaction.

3 years ago

CVE

Open in Source

#vulnerability #mac #windows #auth

Security updates available for Adobe Premiere Elements | APSB21-47

Bulletin ID

Date Published

Priority

ASPB21-47

June 08, 2021

Summary

Adobe has released updates for Adobe Premiere Elements for Windows and macOS. This update addresses an important vulnerability. Successful exploitation could lead to privilege escalation in the context of the current user.

Affected Versions

Product

Version

Platform

Adobe Premiere Elements (installer)

5.2 and earlier versions

Windows

Solution

Adobe categorizes these updates with the following priority ratings and recommends users to download the new installer and upgrade their installations.

Product

Version

Platform

Priority

Availability

Adobe Premiere Elements (installer)

5.3

Windows and macOS

Download Center

To Verify the version of the installer on your system, please follow the following steps:

For windows machines: Please check the version of the Setup.exe at C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HDBox
For mac machines: Please check the version of the setup at /Library/Application Support/Adobe/Adobe Desktop Common/HDBox

Please Note: Installer downloaded from Download Center will automatically fetch the files containing the fix.

Vulnerability details

Vulnerability Category

Vulnerability Impact

Severity

CVSS base score

CVSS vector

CVE Numbers

Creation of Temporary File in Directory with Incorrect Permissions

(CWE-379)

Privilege escalation

Important