CVE-2025-21162: Photoshop Elements | Creation of Temporary File in Directory with Incorrect Permissions (CWE-379)
First published: Tue Feb 11 2025(Updated: )
Photoshop Elements versions 2025.0 and earlier are affected by a Creation of Temporary File in Directory with Incorrect Permissions vulnerability that could result in privilege escalation in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Credit: psirt@adobe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Adobe Photoshop Elements | <2025.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2025-21162?
CVE-2025-21162 has a severity rating that indicates a risk of privilege escalation through incorrect permissions of temporary files.
How do I fix CVE-2025-21162?
To fix CVE-2025-21162, update Adobe Photoshop Elements to version 2025.1 or later to ensure proper permissions are set.
Who is affected by CVE-2025-21162?
Users of Adobe Photoshop Elements versions 2025.0 and earlier are affected by CVE-2025-21162.
What is the potential impact of CVE-2025-21162?
The potential impact of CVE-2025-21162 includes privilege escalation that could allow unauthorized access to system resources.
Does exploiting CVE-2025-21162 require user interaction?
Yes, exploiting CVE-2025-21162 requires user interaction to trigger the vulnerability.
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/references
- agent/title
- agent/type
- agent/description
- agent/first-publish-date
- agent/guess-ai
- agent/software-canonical-lookup
- agent/softwarecombine
- collector/nvd-api
- source/NVD
- agent/last-modified-date
- agent/severity
- agent/author
- agent/source
- agent/tags
- agent/event
- vendor/adobe
- canonical/adobe photoshop elements