CVE-2021-21069

7.8 HIGH

📋 TL;DR

This vulnerability allows a local attacker to escalate privileges on systems running vulnerable versions of Adobe Creative Cloud Desktop Application. By exploiting insecure function calls in the installer, an attacker can perform high-privileged actions without user interaction. It affects users with Adobe Creative Cloud Desktop Application version 5.3 or earlier installed.

💻 Affected Systems

Products:
  • Adobe Creative Cloud Desktop Application
Versions: 5.3 and earlier
Operating Systems: Windows, macOS
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability is present in default installations; no special configuration is required for exploitation.

⚠️ Risk & Real-World Impact

🔴 Worst Case

An attacker gains full administrative control over the system, enabling installation of malware, data theft, or persistence mechanisms.

🟠 Likely Case

Local privilege escalation leading to unauthorized access to sensitive files or system settings.

🟢 If Mitigated

Limited impact if systems are patched or enforce strict user privilege controls that keep a local attacker from running low-privileged code in the first place.

🌐 Internet-Facing: LOW, as exploitation requires local access to the system, not remote network access.
🏢 Internal Only: HIGH, as internal users or malware with local access can exploit this to gain elevated privileges on affected workstations.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation does not require user interaction, but an attacker must have local access to the system. No public proof-of-concept has been disclosed as of the advisory dates.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 5.4 or later

Vendor Advisory: https://helpx.adobe.com/security/products/creative-cloud/apsb21-18.html

Restart Required: Yes

Instructions:

1. Open Adobe Creative Cloud Desktop Application.
2. Go to Help > Check for Updates.
3. Install any available updates to version 5.4 or higher.
4. Restart the system if prompted.

🔧 Temporary Workarounds

Restrict Local User Privileges

all

Limit standard user accounts to prevent execution of low-privileged code that could exploit this vulnerability.

🧯 If You Can't Patch

  • Uninstall Adobe Creative Cloud Desktop Application if not essential.
  • Implement strict access controls and monitor for suspicious local privilege escalation attempts.

🔍 How to Verify

Check if Vulnerable:

Check the installed version of Adobe Creative Cloud Desktop Application via the application's About menu or system settings.

Check Version:

On Windows: Check in Control Panel > Programs > Programs and Features.
On macOS: Use 'ls /Applications/Adobe\ Creative\ Cloud/ACC/*' or check via the app's About menu.

Verify Fix Applied:

Confirm the version is 5.4 or later after updating.

📡 Detection & Monitoring

Log Indicators:

  • Unusual process creation by Adobe Creative Cloud installer, privilege escalation events in system logs.

Network Indicators:

  • None, as this is a local vulnerability.

SIEM Query:

Example: Search for events where process name contains 'Creative Cloud' and privilege level changes, e.g., in Windows Event Logs (Event ID 4688).
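
One way to turn the SIEM idea above into a triage filter, as an added example (not code from this page or from Adobe). It assumes Event ID 4688 records already exported as dictionaries with the standard 4688 field names; the heuristic of ignoring Creative Cloud child processes, the helper names, and every sample event and path are constructed for illustration.

```python
# Added example: triage Windows Security Event ID 4688 (process creation).
# All sample events below are CONSTRUCTED; file names are placeholders.

ELEVATED_TOKEN = "%%1937"          # TokenElevationType: elevated token
HIGH_LABELS = {"S-1-16-12288",     # MandatoryLabel: High integrity
               "S-1-16-16384"}     # MandatoryLabel: System integrity
MARKER = "creative cloud"          # substring from the page's SIEM guidance


def is_suspicious(event):
    """True when a Creative Cloud parent creates an elevated process whose
    image is not itself a Creative Cloud binary (assumed heuristic)."""
    if event.get("EventID") != 4688:
        return False
    parent = event.get("ParentProcessName", "").lower()
    child = event.get("NewProcessName", "").lower()
    if MARKER not in parent:
        return False
    elevated = (event.get("TokenElevationType") == ELEVATED_TOKEN
                or event.get("MandatoryLabel") in HIGH_LABELS)
    # Creative Cloud components launching each other is expected noise.
    return elevated and MARKER not in child


def triage(events):
    """Return (user, parent, child) for each event an analyst should review."""
    return [(e.get("SubjectUserName", "?"), e["ParentProcessName"],
             e["NewProcessName"]) for e in events if is_suspicious(e)]


def ev(user, parent, child, token, label, event_id=4688):
    """Build one constructed sample record."""
    return {"EventID": event_id, "SubjectUserName": user,
            "ParentProcessName": parent, "NewProcessName": child,
            "TokenElevationType": token, "MandatoryLabel": label}


CC = r"C:\Program Files\Adobe\Adobe Creative Cloud"   # constructed path
SYS = r"C:\Windows\System32"
SAMPLE_EVENTS = [
    ev("alice", CC + r"\EXAMPLE-setup.exe", SYS + r"\cmd.exe", "%%1937", "S-1-16-12288"),
    ev("alice", CC + r"\EXAMPLE-setup.exe", CC + r"\EXAMPLE-helper.exe", "%%1937", "S-1-16-12288"),
    ev("bob", r"C:\Windows\explorer.exe", SYS + r"\cmd.exe", "%%1937", "S-1-16-12288"),
    ev("bob", CC + r"\EXAMPLE-setup.exe", SYS + r"\notepad.exe", "%%1938", "S-1-16-8192"),
    ev("carol", CC + r"\EXAMPLE-setup.exe", SYS + r"\powershell.exe", "%%1936", "S-1-16-16384"),
]

if __name__ == "__main__":
    for hit in triage(SAMPLE_EVENTS):
        print(hit)
```

ParentProcessName is only present in 4688 events on Windows 10 / Server 2016 and later, and process-creation auditing must be enabled for the events to exist at all.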
