Bulletin ID
Security updates available for Adobe Premiere Elements | APSB22-43
|
Date Published |
Priority |
---|---|---|
ASPB22-43 |
August 9, 2022 |
3 |
Summary
Adobe has released updates for Adobe Premiere Elements for Windows and macOS. This update addresses a critical vulnerability. Successful exploitation could lead to privilege escalation
in the context of the current user.
Affected Versions
Product |
Version |
Platform |
---|---|---|
Adobe Premiere Elements |
2022 (Version 20.0) |
Windows and macOS |
Solution
Adobe categorizes these updates with the following priority ratings and recommends users to download the new installer and upgrade their installations.
Product |
Version |
Platform |
Priority |
Availability |
---|---|---|---|---|
Adobe Premiere Elements |
2022 (Version 20.0 20220702.Git.main.e4f8578) |
Windows and macOS |
3 |
To verify the version of Premiere Elements on your system, please follow the following steps:
- Help
- About Premiere Elements menu
- The splash screen would show the current version and build number.
Vulnerability details
Vulnerability Category |
Vulnerability Impact |
Severity |
CVSS base score |
CVE Numbers |
|
---|---|---|---|---|---|
Uncontrolled Search Path Element (CWE-427) |
Privilege escalation |
Critical |
8.8 |
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H |
CVE-2022-34235 |
Acknowledgments
Adobe would like to thank the following for reporting these issues and for working with Adobe to help protect our customers:
- Tom Jøran Sønstebyseter Rønning (l1v1ng0ffth3l4n) -- CVE-2022-34235
Revisions
June 28, 2021: Included a note containing the steps to verify the installer version.
October 4, 2021: Updated CVSS base score and vector for CVE-2021-39824. and CVE-2021-40701.
October 4, 2021: Updated Severity for CVE-2021-40701.
For more information, visit https://helpx.adobe.com/security.html, or email PSIRT@adobe.com.