Date Published: 2021-09-15
QID 375858: Adobe Genuine Service Privilege Escalation Vulnerability (APSB21-81)
Adobe Genuine periodically validates already installed Adobe Software. If it finds evidence of incorrect and invalid licenses, or tampering of program files, it automatically phones the company an alert for fraudulent use.
CVE-2021-40708 - Creation of Temporary File in Directory with Incorrect Permissions
Adobe Genuine Service for Mac and Windows version 7.3 and earlier.
QID Detection Logic (Authenticated):
This QID checks the vulnerable version of adobe genuine by checking file version of "AdobeGCClient.exe" (Windows) and "AdobeGCClient.app" (MacOS).
An attacker could exploit this vulnerability to escalate privilege on target system.
Adobe has released fix to address this issue in Adobe Genuine Service version 7.4. The customers are advised to refer to APSB21-81 for updates pertaining to this vulnerability.
CVEs related to QID 375858