CVE-2021-28597: Adobe Photoshop Elements Privilege Escalation Vulnerability - symbolic link
First published: Mon Jun 28 2021(Updated: )
Adobe Photoshop Elements version 5.2 (and earlier) is affected by an insecure temporary file creation vulnerability. An unauthenticated attacker could leverage this vulnerability to call functions against the installer to perform high privileged actions. Exploitation of this issue does not require user interaction.
Credit: psirt@adobe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Adobe Photoshop Elements | <5.3 | |
| Apple iOS and macOS | ||
| Microsoft Windows |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2021-28597?
CVE-2021-28597 is classified as a critical vulnerability due to potential unauthorized actions at high privilege levels.
How do I fix CVE-2021-28597?
To mitigate CVE-2021-28597, users should update Adobe Photoshop Elements to version 5.3 or later.
What software is affected by CVE-2021-28597?
CVE-2021-28597 affects Adobe Photoshop Elements version 5.2 and earlier.
What types of attacks can leverage CVE-2021-28597?
Attackers can exploit CVE-2021-28597 to perform high privileged actions through insecure temporary file creation.
Is Adobe Photoshop Elements 5.3 vulnerable to CVE-2021-28597?
No, Adobe Photoshop Elements version 5.3 and later are not vulnerable to CVE-2021-28597.
- agent/weakness
- agent/softwarecombine
- agent/type
- agent/severity
- agent/author
- agent/title
- agent/references
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/adobe
- canonical/adobe photoshop elements
- vendor/apple
- canonical/apple ios and macos
- vendor/microsoft
- canonical/microsoft windows