CVE-2021-28547

📊 7.8 HIGH⚡ 0.1%🎯 0 exploits

📅 Published Sep 29, 2021

📋 Status: Modified

Adobe Creative Cloud Desktop Application for macOS version 5.3 (and earlier) is affected by a privilege escalation vulnerability that could allow a normal user to delete the OOBE directory and get permissions of any directory under the administrator authority.

CVSS v3.0 • [email protected]

🎯 Affected Products & Systems

3 product configurations affected

Filter by type:

Type	Vendor	Product	Version Range	Status	CPE String
📱App	adobe	creative cloud desktop application	≤ 5.3	Vulnerable	cpe:2.3:a:adobe:creative_cloud_desktop_application::::::::
💻OS	apple	macos	All versions	Not Vulnerable	cpe:2.3:o:apple:macos:-:::::::*
💻OS	microsoft	windows	All versions	Not Vulnerable	cpe:2.3:o:microsoft:windows:-:::::::*

📱

adobe / creative cloud desktop application

Application

Vulnerable

Version: ≤ 5.3

CPE:

cpe:2.3:a:adobe:creative_cloud_desktop_application:*:*:*:*:*:*:*:*

💻

apple / macos

Operating System

Safe

Version: All versions

CPE:

cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*

💻

microsoft / windows

Operating System

Safe

Version: All versions

CPE:

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

Metrics

7.8 HIGHCVSS v3.0[email protected]

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector:

LOCAL

Complexity:

LOW

Privileges:

LOW

User Interaction:

NONE

Confidentiality:

HIGH

Integrity:

HIGH

Availability:

HIGH

Scope:

UNCHANGED

🔍 Technical Details

Analysis Status

Modified

CVSS Details

7.8 (HIGH)v3.0

Source: [email protected]

EPSS Details

0.1% (Minimal)22.9th percentile

Last updated: Oct 30, 2025

Exploitation probability within 30 days

Published Date

Sep 29, 2021 (4 years ago)

Last Modified

Nov 21, 2024 (11 months ago)

Security Weaknesses2

CWE-20

References2

NVDpatch