CVE-2021-43019— Adobe Creative Cloud Incorrect Permission Assignment Privilege Escalation Vulnerability
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2021-43019
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Adobe Creative Cloud Incorrect Permission Assignment Privilege Escalation Vulnerability
Source: NVD (National Vulnerability Database)
Vulnerability Description
Adobe Creative Cloud version 5.5 (and earlier) are affected by a privilege escalation vulnerability in the resources leveraged by the Setup.exe service. An unauthenticated attacker could leverage this vulnerability to remove files and escalate privileges under the context of SYSTEM . An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability on the product installer. User interaction is required before product installation to abuse this vulnerability.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
关键资源的不正确权限授予
Source: NVD (National Vulnerability Database)
Vulnerability Title
Adobe Creative Cloud Desktop Application 访问控制错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Adobe Creative Cloud Desktop Application是美国奥多比(Adobe)公司的一套用于在Creative云会员管理中心管理应用程序和服务的应用程序。该程序支持同步和共享文件、管理字体以及访问商业摄影和设计的资产库。 Adobe Creative Cloud Desktop Application 存在访问控制错误漏洞,未经身份验证的攻击者可以利用此漏洞在 SYSTEM 上下文中删除文件并提升权限。攻击者必须首先获得在目标系统上执行低特权代码的能力,才能在产品安装程序上利用
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Adobe | Creative Cloud (desktop component) | unspecified ~ 5.5 | - |
II. Public POCs for CVE-2021-43019
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2021-43019
请登录查看更多情报信息。
IV. Related Vulnerabilities
Same product: Creative Cloud (desktop component)
- CVE-2023-26358
Adobe Creative Cloud AdobeExtensionService.exe local privile - CVE-2022-23202
Adobe Creative Cloud Desktop Uncontrolled Search Path Elemen - CVE-2021-28547
Adobe Creative Cloud for macOS Privilege Escalation Vulnerab - CVE-2021-28613
Adobe Creative Cloud Arbitrary File Overwrite Vulnerability - CVE-2021-28581
Adobe Creative Cloud Desktop uncontrolled search path elemen
Same vendor: Adobe
- CVE-2026-34632
Photoshop Installer | CWE-427: Uncontrolled Search Path Elem - CVE-2026-27297
Adobe Framemaker | Integer Underflow (Wrap or Wraparound) (C - CVE-2026-27300
Adobe Framemaker | Access of Uninitialized Pointer (CWE-824) - CVE-2026-27296
Adobe Framemaker | Integer Underflow (Wrap or Wraparound) (C - CVE-2026-27290
Adobe Framemaker | Untrusted Search Path (CWE-426)
Same weakness: CWE-732
- CVE-2026-41288
WatchGuard Agent on Windows Privilege Escalation Vulnerabili - CVE-2026-41686
Claude SDK for TypeScript has Insecure Default File Permissi - CVE-2026-6499
ILM Informatique OpenConcerto 安全漏洞 - CVE-2026-41366
OpenClaw < 2026.3.31 - Arbitrary Host File Read via appendLo - CVE-2026-35367
uutils coreutils nohup Information Disclosure via Insecure D
V. Comments for CVE-2021-43019
No comments yet