CVE-2021-28623: Adobe Premiere Elements Privilege Escalation Vulnerability
First published: Mon Jun 28 2021(Updated: )
Adobe Premiere Elements version 5.2 (and earlier) is affected by an insecure temporary file creation vulnerability. An unauthenticated attacker could leverage this vulnerability to call functions against the installer to perform high privileged actions. Exploitation of this issue does not require user interaction.
Credit: psirt@adobe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Adobe Premiere Elements | <5.3 | |
| Microsoft Windows |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2021-28623?
CVE-2021-28623 is an insecure temporary file creation vulnerability in Adobe Premiere Elements version 5.2 and earlier.
How does CVE-2021-28623 impact Adobe Premiere Elements?
CVE-2021-28623 enables an unauthenticated attacker to call functions against the installer to perform high privileged actions in Adobe Premiere Elements version 5.2 and earlier.
What is the severity of CVE-2021-28623?
CVE-2021-28623 has a severity rating of 5.5 (medium).
How can I fix CVE-2021-28623?
To fix CVE-2021-28623, update to Adobe Premiere Elements version 5.3 or later.
Where can I find more information about CVE-2021-28623?
You can find more information about CVE-2021-28623 at the following link: [Adobe Security Bulletin APSB21-47](https://helpx.adobe.com/security/products/premiere_elements/apsb21-47.html)
- collector/nvd-index
- agent/weakness
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/severity
- agent/references
- agent/title
- agent/author
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- vendor/adobe
- canonical/adobe premiere elements
- vendor/microsoft
- canonical/microsoft windows