Login Sign Up

CVE-2019-8071

9.8 CRITICAL

📋 TL;DR

Adobe Download Manager version 2.0.0.363 has insecure file permissions that allow local users to modify files with elevated privileges. This vulnerability enables privilege escalation attacks where attackers can gain higher system access. Only users running this specific version are affected.

💻 Affected Systems

Products:
  • Adobe Download Manager
Versions: 2.0.0.363
Operating Systems: Windows
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects the specific version 2.0.0.363; earlier or later versions are not vulnerable.

📦 What is this software?

Download Manager by Adobe

View all CVEs affecting Download Manager →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Full system compromise through privilege escalation to SYSTEM/root level access, allowing complete control over the affected system.

🟠

Likely Case

Local attackers gain administrative privileges to install malware, modify system files, or access sensitive data.

🟢

If Mitigated

Limited impact with proper user account controls and least privilege principles in place.

🌐 Internet-Facing: LOW - This is a local privilege escalation vulnerability requiring local access to exploit.
🏢 Internal Only: HIGH - Internal users with local access can exploit this to escalate privileges on affected systems.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires local access to the system and knowledge of insecure file locations.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 2.0.0.364 and later

Vendor Advisory: https://helpx.adobe.com/security/products/adm/apsb19-51.html

Restart Required: Yes

Instructions:

1. Open Adobe Download Manager. 2. Go to Help > Check for Updates. 3. Install available updates. 4. Restart the application.

🔧 Temporary Workarounds

Uninstall Adobe Download Manager

windows

Remove the vulnerable software entirely to eliminate the attack surface.

Control Panel > Programs > Uninstall a program > Select Adobe Download Manager > Uninstall

Restrict File Permissions

windows

Manually adjust file permissions for Adobe Download Manager directories to prevent unauthorized modifications.

icacls "C:\Program Files\Adobe\Download Manager" /inheritance:r /grant:r "Users:(OI)(CI)RX" /grant:r "Administrators:(OI)(CI)F"

🧯 If You Can't Patch

  • Implement strict least privilege principles - ensure users run with minimal necessary permissions
  • Monitor file system changes in Adobe Download Manager directories using file integrity monitoring tools

🔍 How to Verify

Check if Vulnerable:

Check Adobe Download Manager version in Help > About or verify file version of ADM.exe in installation directory.

Check Version:

wmic product where name="Adobe Download Manager" get version

Verify Fix Applied:

Confirm version is 2.0.0.364 or higher in Help > About dialog.

📡 Detection & Monitoring

Log Indicators:

  • Unexpected file modifications in Adobe Download Manager directories
  • Privilege escalation attempts in Windows security logs

Network Indicators:

  • No network indicators - this is a local privilege escalation vulnerability

SIEM Query:

EventID=4688 AND ProcessName="*adm*" AND NewProcessName="*cmd*" OR NewProcessName="*powershell*"

📊 Metadata

CVE ID: CVE-2019-8071
CVSS v3 Score: 9.8 (CRITICAL)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE: CWE-732
Published: October 17, 2019
Last Updated: November 21, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2019-8071, you might also want to check these:

CVE-2021-33509 9.9

This vulnerability allows remote authenticated managers in Plone to perform arbitrary disk I/O opera...

Same vulnerability type (CWE-732)
CVE-2024-5618 9.9

This vulnerability allows attackers to access functionality they shouldn't have permission to use in...

Same vulnerability type (CWE-732)
CVE-2023-40622 9.9

This vulnerability in SAP BusinessObjects Business Intelligence Platform allows authenticated attack...

Same vulnerability type (CWE-732)