Adobe Security Bulletin

Security Updates Available for Adobe Genuine Software Client | APSB21-81

Bulletin ID

Date Published

Priority

APSB21-81

September 14, 2020

3

Summary

Adobe has released updates for Adobe Genuine Software Client for Windows and macOS. This update resolves a critical vulnerability that could lead to privilege escalation in the context of the current user.      

Affected Versions

Product

Version

Platform

Adobe Genuine Software Client

7.3 and earlier versions      

Windows and macOS

Бележка:

To verify the version of Adobe Genuine Software Client installed on your system, please follow the following steps:  

For Windows machines:

  • Navigate to C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient
  • Right click on AdobeGCClient.exe, select “Properties”. 
  • Go to “Details” tab, the File Version can be seen within. 

For mac machines:

  • Navigate to /Library/Application Support/Adobe/AdobeGCClient/
  • Right click on AdobeGCClient, select Get Info. 
  • File Version can be seen corresponding version tag

Solution

Adobe categorizes these updates with the following priority ratings.

Product

Version

Platform

Priority Rating

Adobe Genuine Software Client      

7.4

Windows and macOS

3

Бележка:

Adobe Genuine Software Client has a self-update mechanism that runs automatically at a regular interval when the host is connected to the internet.  For more details regarding Adobe Genuine Software Client, please visit here.

Vulnerability details

Vulnerability Category

Vulnerability Impact

Severity

CVSS base score 

CVE Numbers

Creation of Temporary File in Directory with Incorrect Permissions

(CWE-379)

Privilege Escalation

Critical 

7.3

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

CVE-2021-40708

Acknowledgments

Adobe would like to thank CQY of Topsec Alpha Team (yjdfy) for reporting these issues and for working with Adobe to help protect our customers.   

 

Revisions

May 14, 2021: Updated CVE ID and Acknowledgements section.

November 8, 2022: Updated product name to "Adobe Genuine Software Client"

Adobe, Inc.

Получете помощ по-бързо и по-лесно

Нов потребител?