CVE-2021-43017
📊 4.2 MEDIUM⚡ 0.3%🎯 0 exploits
📅 Published Nov 18, 2021
📋 Status: Modified
Adobe Creative Cloud version 5.5 (and earlier) are affected by an Application denial of service vulnerability in the Creative Cloud Desktop installer. An authenticated attacker with root privileges could leverage this vulnerability to achieve denial of service by planting a malicious file on the victim's local machine. User interaction is required before product installation to abuse this vulnerability.
CVSS v3.1 • [email protected]
🎯 Affected Products & Systems
2 product configurations affected
Filter by type:
| Type | Vendor | Product | Version Range | Status | CPE String |
|---|---|---|---|---|---|
📱App | adobe | creative cloud desktop application | ≤ 5.5 | Vulnerable | cpe:2.3:a:adobe:creative_cloud_desktop_application:*:*:*:*:*:*:*:* |
💻OS | apple | macos | All versions | Not Vulnerable | cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:* |
📱
VulnerableApplication
Version: ≤ 5.5
CPE:
cpe:2.3:a:adobe:creative_cloud_desktop_application:*:*:*:*:*:*:*:*
Metrics
CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H
Attack Vector:
LOCAL
Complexity:
LOW
Privileges:
HIGH
User Interaction:
REQUIRED
Confidentiality:
NONE
Integrity:
NONE
Availability:
HIGH
Scope:
UNCHANGED
🔍 Technical Details
Analysis Status
ModifiedCVSS Details
4.2 (MEDIUM)v3.1
Source: [email protected]
EPSS Details
0.3% (Minimal)54.9th percentile
Last updated: Oct 31, 2025
Exploitation probability within 30 days
Published Date
Nov 18, 2021 (3 years ago)
Last Modified
Nov 21, 2024 (11 months ago)
Security Weaknesses2
CWE-379
References2
NVDpatch