Adobe Security Bulletin

Security Updates Available for Adobe Genuine Software Client | APSB21-27

Bulletin ID

Date Published

Priority

APSB21-27

May 11, 2020

3

Summary

Adobe has released updates for the Adobe Genuine Software Client for Windows and macOS. This update resolves an important vulnerability that could lead to privilege escalation in the context of the current user.    

Affected Versions

Product

Version

Platform

Adobe Genuine Software Client

Version 7.1  and earlier versions   

Windows and macOS

Note:

To verify the version of Adobe Genuine Software Client installed on your system, please follow the following steps:  

For Windows machines:

  • Navigate to C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient
  • Right click on AdobeGCClient.exe, select “Properties”. 
  • Go to “Details” tab, the File Version can be seen within. 

For mac machines:

  • Navigate to /Library/Application Support/Adobe/AdobeGCClient/
  • Right click on AdobeGCClient, select Get Info. 
  • File Version can be seen corresponding version tag

Solution

Adobe categorizes these updates with the following priority ratings.

Product

Version

Platform

Priority Rating

Adobe Genuine Software Client     

7.3

Windows and macOS

3

Note:

Adobe Genuine Software Client has a self-update mechanism that runs automatically at a regular interval when the host is connected to the internet.  For more details regarding Adobe Genuine Software Client, please visit here.

Vulnerability details

Vulnerability Category

Vulnerability Impact

Severity

CVE Numbers

Insecure File Permission

Privilege Escalation

Important

CVE-2021-28568

Acknowledgments

Adobe would like to thank Qingyang Chen of Topsec Alpha Team for reporting these issues and for working with Adobe to help protect our customers.  

 

Revisions

May 14, 2021: Updated CVE ID and Acknowledgements section.

November 8, 2022: Updated product name to "Adobe Genuine Software Client"

 Adobe

Get help faster and easier

New user?