CVE-2020-9668: AGSService program mishandling symbolic links
First published: Fri Apr 16 2021(Updated: )
Adobe Genuine Service version 6.6 (and earlier) is affected by an Improper Access control vulnerability when handling symbolic links. An unauthenticated attacker could exploit this to elevate privileges in the context of the current user.
Credit: psirt@adobe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Adobe Genuine Service | <=6.6 | |
| Apple macOS | ||
| Microsoft Windows |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2020-9668?
CVE-2020-9668 has a severity level that allows for potential privilege escalation.
How do I fix CVE-2020-9668?
To fix CVE-2020-9668, update Adobe Genuine Service to version 6.7 or later.
What systems are affected by CVE-2020-9668?
CVE-2020-9668 affects Adobe Genuine Service versions 6.6 and earlier on supported operating systems.
Can an unauthorized user exploit CVE-2020-9668?
Yes, an unauthenticated attacker can exploit CVE-2020-9668 by manipulating symbolic links.
What type of vulnerability is CVE-2020-9668?
CVE-2020-9668 is categorized as an Improper Access Control vulnerability.
- agent/type
- agent/softwarecombine
- agent/references
- agent/title
- agent/severity
- agent/weakness
- agent/author
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/tags
- agent/source
- vendor/adobe
- canonical/adobe genuine service
- version/adobe genuine service/6.6
- vendor/apple
- canonical/apple macos
- vendor/microsoft
- canonical/microsoft windows