CVE-2021-39828

medium

Description

Adobe Digital Editions 4.5.11.187646 (and earlier) are affected by a privilege escalation vulnerability in the Digital Editions installer. An authenticated attacker could leverage this vulnerability to escalate privileges. User interaction is required before product installation to abuse this vulnerability.

References

https://helpx.adobe.com/security/products/Digital-Editions/apsb21-80.html

Details

Source: MITRE

Published: 2021-09-27

Updated: 2021-10-01

Type: CWE-379

Risk Information

CVSS v2

Base Score: 6.8

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 8.6

Severity: MEDIUM

CVSS v3

Base Score: 6.5

Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 0.6

Severity: MEDIUM