Bulletin ID
Viimati uuendatud
Security Updates Available for Adobe Genuine Service | APSB21-81
|
|
Date Published |
Priority |
|---|---|---|
|
APSB21-81 |
September 14, 2020 |
3 |
Summary
Adobe has released updates for Adobe Genuine Service for Windows and macOS. This update resolves a critical vulnerability that could lead to privilege escalation in the context of the current user.
Affected Versions
|
Product |
Version |
Platform |
|---|---|---|
|
Adobe Genuine Service |
7.3 and earlier versions |
Windows and macOS |
Märkus.
To verify the version of Adobe Genuine Service installed on your system, please follow the following steps:
For Windows machines:
- Navigate to C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient
- Right click on AdobeGCClient.exe, select “Properties”.
- Go to “Details” tab, the File Version can be seen within.
For mac machines:
- Navigate to /Library/Application Support/Adobe/AdobeGCClient/
- Right click on AdobeGCClient, select Get Info.
- File Version can be seen corresponding version tag
Solution
Adobe categorizes these updates with the following priority ratings.
|
Product |
Version |
Platform |
Priority Rating |
|---|---|---|---|
|
Adobe Genuine Service |
7.4 |
Windows and macOS |
3 |
Märkus.
Adobe Genuine Integrity Service has a self-update mechanism that runs automatically at a regular interval when the host is connected to the internet. For more details regarding Adobe Genuine Integrity Service, please visit here.
Vulnerability details
|
Vulnerability Category |
Vulnerability Impact |
Severity |
CVSS base score |
CVE Numbers |
|
|---|---|---|---|---|---|
|
Creation of Temporary File in Directory with Incorrect Permissions (CWE-379) |
Privilege Escalation |
Critical |
7.3 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H |
CVE-2021-40708 |
Acknowledgments
Adobe would like to thank CQY of Topsec Alpha Team (yjdfy) for reporting these issues and for working with Adobe to help protect our customers.
Logige oma kontole sisse