CVE-2021-43017

📊 4.2 MEDIUM⚡ 0.3%🎯 0 exploits

📅 Published Nov 18, 2021

📋 Status: Modified

Adobe Creative Cloud version 5.5 (and earlier) are affected by an Application denial of service vulnerability in the Creative Cloud Desktop installer. An authenticated attacker with root privileges could leverage this vulnerability to achieve denial of service by planting a malicious file on the victim's local machine. User interaction is required before product installation to abuse this vulnerability.

CVSS v3.1 • [email protected]

🎯 Affected Products & Systems

2 product configurations affected

Filter by type:

Type	Vendor	Product	Version Range	Status	CPE String
📱App	adobe	creative cloud desktop application	≤ 5.5	Vulnerable	cpe:2.3:a:adobe:creative_cloud_desktop_application::::::::
💻OS	apple	macos	All versions	Not Vulnerable	cpe:2.3:o:apple:macos:-:::::::*

📱

adobe / creative cloud desktop application

Application

Vulnerable

Version: ≤ 5.5

CPE:

cpe:2.3:a:adobe:creative_cloud_desktop_application:*:*:*:*:*:*:*:*

💻

apple / macos

Operating System

Safe

Version: All versions

CPE:

cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*

Metrics

4.2 MEDIUMCVSS v3.1[email protected]

CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H

Attack Vector:

LOCAL

Complexity:

LOW

Privileges:

HIGH

User Interaction:

REQUIRED

Confidentiality:

NONE

Integrity:

NONE

Availability:

HIGH

Scope:

UNCHANGED

🔍 Technical Details

Analysis Status

Modified

CVSS Details

4.2 (MEDIUM)v3.1

Source: [email protected]

EPSS Details

0.3% (Minimal)54.9th percentile

Last updated: Oct 30, 2025

Exploitation probability within 30 days

Published Date

Nov 18, 2021 (3 years ago)

Last Modified

Nov 21, 2024 (11 months ago)

Security Weaknesses2

CWE-379

References2

NVDpatch