Bulletin ID
Security updates available for Adobe Photoshop Elements | APSB21-46
|
Date Published |
Priority |
---|---|---|
ASPB21-46 |
June 08, 2021 |
3 |
Summary
Adobe has released updates for Photoshop Elements for Windows and macOS. These updates resolve an important vulnerability. Successful exploitation could lead to privilege escalation in the context of the current user.
Affected Versions
Product |
Version |
Platform |
---|---|---|
Photoshop Elements (installer) |
5.2 and earlier versions |
Windows and macOS |
Solution
Adobe categorizes these updates with the following priority ratings and recommends users to download the new installer and upgrade their installations.
Product |
Version |
Platform |
Priority |
Availability |
---|---|---|---|---|
Photoshop Elements (installer) |
5.3 |
Windows and macOS |
3 |
To Verify the version of the installer on your system, please follow the following steps:
For Windows machines: Please check the version of the Setup.exe at C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HDBox
For mac machines: Please check the version of the setup at /Library/Application Support/Adobe/Adobe Desktop Common/HDBox
Please Note: Installer downloaded from Download Center will automatically fetch the files containing the fix.
Vulnerability details
Vulnerability Category |
Vulnerability Impact |
Severity |
CVSS base score |
CVE Numbers |
|
---|---|---|---|---|---|
Creation of Temporary File in Directory with Incorrect Permissions (CWE-379) |
Privilege escalation |
Important |
6.2 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
CVE-2021-28597 |
Acknowledgments
Adobe would like to thank CQY of Topsec Alpha Team (yjdfy) for reporting these issues and for working with Adobe to help protect our customers.
Revisions
June 28, 2021: Included a note containing the steps to verify the installer version.
For more information, visit https://helpx.adobe.com/security.html, or email PSIRT@adobe.com.