CVE-2023-38533

MEDIUM Year: 2023
CVSS v3 Score
3.3
Low
Weakness Type
CWE-379
View all →

Vulnerability Description

A vulnerability has been identified in TIA Administrator (All versions < V3 SP2). The affected component creates temporary download files in a directory with insecure permissions. This could allow any authenticated attacker on Windows to disrupt the update process.

Related Vulnerabilities

CVE-2021-43017

MEDIUM
CVSS:4.2(Medium)

Adobe Creative Cloud version 5.5 (and earlier) are affected by an Application denial of service vulnerability in the Creative Cloud Desktop installer. An authenticated attacker with root privileges co...

CWE-3792021

CVE-2016-9486

HIGH
CVSS:7.8(High)

On Windows endpoints, the SecureConnector agent must run under the local SYSTEM account or another administrator account in order to enable full functionality of the agent. The typical configuration i...

CWE-3792016

CVE-2021-21100

HIGH
CVSS:7.8(High)

Adobe Digital Editions version 4.5.11.187245 (and earlier) is affected by a Privilege Escalation vulnerability during installation. An unauthenticated attacker could leverage this vulnerability to ach...

CWE-3792021

CVE-2021-31411

HIGH
CVSS:7.8(High)

Insecure temporary directory usage in frontend build functionality of com.vaadin:flow-server versions 2.0.9 through 2.5.2 (Vaadin 14.0.3 through Vaadin 14.5.2), 3.0 prior to 6.0 (Vaadin 15 prior to 19...

CWE-3792021

CVE-2023-21611

HIGH
CVSS:7.8(High)

Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by a Creation of Temporary File in Directory with Incorrect Permissions...

CWE-3792023

CVE-2023-21612

HIGH
CVSS:7.8(High)

Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by a Creation of Temporary File in Directory with Incorrect Permissions...

CWE-3792023