Adobe Creative Cloud Desktop Application The desktop client for Adobe Creative Cloud
Recent Adobe Creative Cloud Desktop Application Security Advisories
| Advisory | Title | Published |
|---|---|---|
| APSB24-44 | Security update available for Adobe Creative Cloud Desktop Application | APSB24-44 | June 11, 2024 |
| APSB23-21 | Security update available for Adobe Creative Cloud Desktop Application | APSB23-21 | March 14, 2023 |
| APSB22-11 | Security update available for Adobe Creative Cloud Desktop Application | APSB21-18 APSB22-11 | February 8, 2022 |
| APSB21-111 | Security update available for Adobe Creative Cloud Desktop Application | APSB21-18 APSB21-111 | November 9, 2021 |
| APSB21-76 | Security update available for Adobe Creative Cloud Desktop Application | APSB21-18 APSB21-76 | September 14, 2021 |
| APSB21-41 | Security update available for Adobe Creative Cloud Desktop Application | APSB21-18 APSB21-41 | June 8, 2021 |
| APSB21-31 | Security update available for Adobe Creative Cloud Desktop Application | APSB21-18 APSB21-31 | May 12, 2021 |
| APSB21-18 | Security update available for Adobe Creative Cloud Desktop Application | APSB21-18 | March 26, 2021 |
| APSB20-33 | Security update available for Adobe Creative Cloud Desktop Application | APSB20-33 | July 14, 2020 |
| APSB20-11 | Security update available for Creative Cloud Desktop Application | APSB20-11 | March 24, 2020 |
By the Year
In 2024 there have been 1 vulnerability in Adobe Creative Cloud Desktop Application with an average score of 7.1 out of ten. Last year Creative Cloud Desktop Application had 1 security vulnerability published. At the current rates, it appears that the number of vulnerabilities last year and this year may equal out. Last year, the average CVE base score was greater by 0.70
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 1 | 7.10 |
| 2023 | 1 | 7.80 |
| 2022 | 1 | 7.00 |
| 2021 | 3 | 6.67 |
| 2020 | 1 | 7.80 |
| 2019 | 0 | 0.00 |
| 2018 | 4 | 8.80 |
It may take a day or so for new Creative Cloud Desktop Application vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Adobe Creative Cloud Desktop Application Security Vulnerabilities
Creative Cloud Desktop versions 6.1.0.587 and earlier are affected by an Uncontrolled Search Path Element vulnerability
CVE-2024-34116
7.1 - High
- June 13, 2024
Creative Cloud Desktop versions 6.1.0.587 and earlier are affected by an Uncontrolled Search Path Element vulnerability that could result in a security feature bypass. An attacker could exploit this vulnerability to load and execute malicious libraries, leading to arbitrary file delete. Exploitation of this issue requires user interaction.
DLL preloading
Creative Cloud version 5.9.1 (and earlier) is affected by an Untrusted Search Path vulnerability
CVE-2023-26358
7.8 - High
- March 22, 2023
Creative Cloud version 5.9.1 (and earlier) is affected by an Untrusted Search Path vulnerability that might allow attackers to execute their own programs, access unauthorized data files, or modify configuration in unexpected ways. If the application uses a search path to locate critical resources such as programs, then an attacker could modify that search path to point to a malicious program, which the targeted application would then execute. The problem extends to any type of critical resource that the application trusts.
Untrusted Path
Adobe Creative Cloud Desktop version 2.7.0.13 (and earlier) is affected by an Uncontrolled Search Path Element vulnerability
CVE-2022-23202
7 - High
- February 16, 2022
Adobe Creative Cloud Desktop version 2.7.0.13 (and earlier) is affected by an Uncontrolled Search Path Element vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must download a malicious DLL file. The attacker has to deliver the DLL on the same folder as the installer which makes it as a high complexity attack vector.
DLL preloading
Adobe Creative Cloud Desktop Application (installer) version 2.4 (and earlier) is affected by an Uncontrolled Search Path Element vulnerability
CVE-2021-28594
7.8 - High
- August 24, 2021
Adobe Creative Cloud Desktop Application (installer) version 2.4 (and earlier) is affected by an Uncontrolled Search Path Element vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
DLL preloading
Adobe Creative Cloud Desktop Application (installer) version 2.4 (and earlier) is affected by an Insecure temporary file creation vulnerability
CVE-2021-28633
6.1 - Medium
- August 24, 2021
Adobe Creative Cloud Desktop Application (installer) version 2.4 (and earlier) is affected by an Insecure temporary file creation vulnerability. An attacker could leverage this vulnerability to cause arbitrary file overwriting in the context of the current user. Exploitation of this issue requires physical interaction to the system.
Exposure of Resource to Wrong Sphere
Adobe Creative Cloud Desktop Application version 5.3 (and earlier) is affected by a file handling vulnerability
CVE-2021-21068
6.1 - Medium
- March 12, 2021
Adobe Creative Cloud Desktop Application version 5.3 (and earlier) is affected by a file handling vulnerability that could allow an attacker to cause arbitrary file overwriting. Exploitation of this issue requires physical access and user interaction.
Creation of Temporary File in Directory with Insecure Permissions
Adobe Creative Cloud Desktop Application version 5.2 (and earlier) and 2.1 (and earlier) for Windows is affected by an uncontrolled search path vulnerability
CVE-2020-24422
7.8 - High
- October 21, 2020
Adobe Creative Cloud Desktop Application version 5.2 (and earlier) and 2.1 (and earlier) for Windows is affected by an uncontrolled search path vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
DLL preloading
Adobe Creative Cloud Desktop Application before 4.6.1 has an improper certificate validation vulnerability
CVE-2018-12829
9.8 - Critical
- August 29, 2018
Adobe Creative Cloud Desktop Application before 4.6.1 has an improper certificate validation vulnerability. Successful exploitation could lead to privilege escalation.
Improper Certificate Validation
Adobe Creative Cloud Desktop Application versions 4.4.1.298 and earlier have an exploitable Unquoted Search Path vulnerability
CVE-2018-4873
7.8 - High
- May 19, 2018
Adobe Creative Cloud Desktop Application versions 4.4.1.298 and earlier have an exploitable Unquoted Search Path vulnerability. Successful exploitation could lead to local privilege escalation.
Unquoted Search Path or Element
Adobe Creative Cloud Desktop Application versions 4.4.1.298 and earlier have an exploitable Improper certificate validation vulnerability
CVE-2018-4991
9.8 - Critical
- May 19, 2018
Adobe Creative Cloud Desktop Application versions 4.4.1.298 and earlier have an exploitable Improper certificate validation vulnerability. Successful exploitation could lead to a security bypass.
Improper Certificate Validation
Adobe Creative Cloud Desktop Application versions 4.4.1.298 and earlier have an exploitable Improper input validation vulnerability
CVE-2018-4992
7.8 - High
- May 19, 2018
Adobe Creative Cloud Desktop Application versions 4.4.1.298 and earlier have an exploitable Improper input validation vulnerability. Successful exploitation could lead to local privilege escalation.
Improper Input Validation
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Adobe Creative Cloud Desktop Application or by Adobe? Click the Watch button to subscribe.
