https://helpx.adobe.com/security/products/creative-cloud/apsb21-76.html

The version of Adobe Creative Cloud installed on the remote macOS host is prior to 5.5. It is, therefore, affected by a vulnerability as referenced in the apsb21-76 advisory.

  - Adobe Creative Cloud Desktop Application version 5.4 (and earlier) is affected by a file handling     vulnerability that could allow an attacker to arbitrarily overwrite a file. Exploitation of this issue     requires local access, administrator privileges and user interaction. (CVE-2021-28613)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Adobe Creative Cloud Desktop Application installed on the remote Windows host is prior or equal to 5.4. It is, therefore, affected by an arbitrary file system write vulnerability. Creation of a temporary file in a directory with incorrect permissions allows an authenticated, local attacker to execute arbitrary code.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

This plugin has been deprecated, as the APSB21-76 advisory does not have Windows as an affected version. Use macosx_adobe_creative_cloud_apsb21-76.nasl (plugin ID 153459) instead.

ID	Name	Product	Family	Severity
153459	Adobe Creative Cloud < 5.5 Arbitrary file system write (APSB21-76) (macOS)	Nessus	MacOS X Local Security Checks	high
153458	Adobe Creative Cloud Desktop Application <= 5.4 Arbitrary File System Write (APSB21-76) (deprecated)	Nessus	Windows	high

CVE-2021-28613

high

Tenable Plugins

high

high