QID 375858

Date Published: 2021-09-15

QID 375858: Adobe Genuine Service Privilege Escalation Vulnerability (APSB21-81)

Adobe Genuine periodically validates already installed Adobe Software. If it finds evidence of incorrect and invalid licenses, or tampering of program files, it automatically phones the company an alert for fraudulent use.

CVE-2021-40708 - Creation of Temporary File in Directory with Incorrect Permissions
Affected Versions:
Adobe Genuine Service for Mac and Windows version 7.3 and earlier.

QID Detection Logic (Authenticated):
This QID checks the vulnerable version of adobe genuine by checking file version of "AdobeGCClient.exe" (Windows) and "AdobeGCClient.app" (MacOS).

An attacker could exploit this vulnerability to escalate privilege on target system.

  • CVSS V3 rated as High - 7.1 severity.
  • CVSS V2 rated as High - 7.5 severity.
  • Solution

    Adobe has released fix to address this issue in Adobe Genuine Service version 7.4. The customers are advised to refer to APSB21-81 for updates pertaining to this vulnerability.

    CVEs related to QID 375858

    Software Advisories
    Advisory ID Software Component Link
    APSB21-81 URL Logo helpx.adobe.com/security/products/integrity_service/apsb21-81.html