Adobe has fixed a critical vulnerability in its Creative Cloud desktop application that can be exploited by attackers to delete arbitrary files.
Creative Cloud is a collection of 20+ desktop and mobile apps and services for photography, design, video, web, UX and more. Now you can take your ideas to new places with Photoshop on the iPad, draw and paint with Fresco, and design for 3D and AR.
“Adobe has released a security update for Adobe Creative Cloud Desktop Application for windows. This update address a critical vulnerability. Successful exploitation could lead to arbitrary File Deletion in the context of the current user.” reads the advisory published by Adobe.
The critical vulnerability, tracked as
CVE-2020-3808, is a Time-of-check time-of-use (TOCTOU) race condition that was reported by jiadong Lu South China University of Technology and Zhiniang Peng of Qihoo 360 Core Security.