Bulletin ID
Last updated on
Dec 27, 2022
Security update available for Adobe Creative Cloud Desktop Application | APSB20-68
|
|
Date Published |
Priority |
|---|---|---|
|
ASPB20-68 |
October 20, 2020 |
3 |
Summary
Adobe has released a security update for the Creative Cloud Desktop Application installer for Windows. This update resolves a critical vulnerability in the installer that could lead to arbitrary code execution.
Affected versions
|
Product |
Affected version |
Platform |
|
Creative Cloud Desktop Application (old installer) |
5.2 and earlier version |
Windows |
|
Creative Cloud Desktop Application (new installer) |
2.1 and earlier versions |
Windows |
Note:
To check the version of the Adobe Creative Cloud desktop application installer:
- Visit Properties”>”Details” on Windows or “Get Info” on Mac to view the installer version
Solution
Adobe categorizes this update with the following priority rating and recommends users update their installation to the newest version:
|
Product |
Updated version |
Platform |
Priority rating |
Availability |
|
Creative Cloud Desktop Application (old installer) |
5.3 |
Windows |
3 |
|
|
Creative Cloud Desktop Application (new installer) |
2.2 |
Windows |
3 |
The latest Creative Cloud Desktop App installer can be downloaded from the Download Center.
Vulnerability Details
|
Vulnerability Category |
Vulnerability Impact |
Severity |
CVE Numbers |
|---|---|---|---|
|
Uncontrolled Search Path |
Arbitrary Code Execution |
Critical |
CVE-2020-24422 |
Acknowledgments
Adobe would like to thank Dhiraj Mishra (@RandomDhiraj) for reporting this issue and for working with Adobe to help protect our customers.
