CVE-2021-43017— Adobe Creative Cloud DLL Hijacking Local Application Denial of Service

CVSS 4.2 · Medium EPSS 0.32% · P55 Updated Apr 29, 2025

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2021-43017

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

Adobe Creative Cloud DLL Hijacking Local Application Denial of Service

Source: NVD (National Vulnerability Database)

Vulnerability Description

Adobe Creative Cloud version 5.5 (and earlier) are affected by an Application denial of service vulnerability in the Creative Cloud Desktop installer. An authenticated attacker with root privileges could leverage this vulnerability to achieve denial of service by planting a malicious file on the victim's local machine. User interaction is required before product installation to abuse this vulnerability.

Source: NVD (National Vulnerability Database)

CVSS Information

CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H

Source: NVD (National Vulnerability Database)

Vulnerability Type

在具有不安全权限的目录中创建临时文件

Source: NVD (National Vulnerability Database)

Vulnerability Title

Adobe Creative Cloud Desktop Application 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Adobe Creative Cloud Desktop Application是美国奥多比（Adobe）公司的一套用于在Creative云会员管理中心管理应用程序和服务的应用程序。该程序支持同步和共享文件、管理字体以及访问商业摄影和设计的资产库。 Adobe Creative Cloud Desktop Application 存在安全漏洞，攻击者可以利用该漏洞触发应用程序拒绝服务。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
Adobe	GoCart	unspecified ~ 5.5	-

II. Public POCs for CVE-2021-43017

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2021-43017

请登录查看更多情报信息。

Same Patch Batch · Adobe · 2021-11-18 · 22 CVEs total

CVE-2021-42269	7.8 HIGH	Adobe Animate FLA File Parsing Use After Free Remote Code Execution
CVE-2021-42267	7.8 HIGH	Adobe Animate FLA File Parsing Memory Corruption Arbitrary Code Execution
CVE-2021-42266	7.8 HIGH	Adobe Animate FLA File Parsing Memory Corruption Arbitrary Code Execution
CVE-2021-40755	7.8 HIGH	Adobe After Effects SGI File Parsing Memory Corruption Arbitrary Code Execution
CVE-2021-40760	7.8 HIGH	Adobe After Effects M4A File Parsing Memory Corruption Arbitrary Code Execution
CVE-2021-40759	7.8 HIGH	Adobe After Effects M4A File Parsing Memory Corruption Arbitrary Code Execution
CVE-2021-40758	7.8 HIGH	Adobe After Effects WAV File Parsing Memory Corruption Arbitrary Code Execution
CVE-2021-40757	7.8 HIGH	Adobe After Effects MXF File Parsing Memory Corruption Arbitrary Code Execution
CVE-2021-42268	5.5 MEDIUM	Adobe Animate FLA File Parsing Null Pointer Dereference Application Denial of Service
CVE-2021-40761	5.5 MEDIUM	Adobe After Effects NULL Pointer Dereference Application Denial of Service
CVE-2021-40756	5.5 MEDIUM	Adobe After Effects NULL Pointer Dereference Application Denial of Service
CVE-2021-40751		Adobe After Effects M4A File Parsing Memory Corruption Arbitrary Code Execution
CVE-2021-42525		Adobe Animate SVG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
CVE-2021-40752		Adobe After Effects M4A File Parsing Memory Corruption Arbitrary Code Execution
CVE-2021-40753		Adobe After Effects SVG File Parsing Memory Corruption Arbitrary Code Execution
CVE-2021-40754		Adobe After Effects WAV File Parsing Memory Corruption Arbitrary Code Execution
CVE-2021-40733		Adobe Animate Memory Corruption Could Lead To Arbitrary Code Execution
CVE-2021-42270		Adobe Animate BMP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
CVE-2021-42271		Adobe Animate BMP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
CVE-2021-42272		Adobe Animate GIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

Showing top 20 of 22 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: GoCart

Same vendor: Adobe

Same weakness: CWE-379

V. Comments for CVE-2021-43017

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2021-43017— Adobe Creative Cloud DLL Hijacking Local Application Denial of Service

I. Basic Information for CVE-2021-43017

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2021-43017

III. Intelligence Information for CVE-2021-43017

Same Patch Batch · Adobe · 2021-11-18 · 22 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2021-43017

Leave a comment