CVE-2021-40776

Description

Adobe Lightroom Classic 10.3 (and earlier) are affected by a privilege escalation vulnerability in the Offline Lightroom Classic installer. An authenticated attacker could leverage this vulnerability to escalate privileges. User interaction is required before product installation to abuse this vulnerability.

Related CPE's

aadobelightroom****classic***

omicrosoftwindows-*******

oapplemacos-*******

References

https://helpx.adobe.com/security/products/lightroom/apsb21-97.html

PatchVendor Advisory

CvssV3 impact

Could not find any metrics

CvssV2 impact

AccessComplexity

MEDIUM

ConfidentialityImpact

COMPLETE

AvailabilityImpact

COMPLETE

IntegrityImpact

COMPLETE

BaseScore

6.599999904632568

VectorString

AV:L/AC:M/Au:S/C:C/I:C/A:C

Version

2.0

AccessVector

LOCAL

Authentication

SINGLE

Created by Yello
About Severity.io