Vulnerability Database

309,961

Total vulnerabilities in the database

CVE-2025-54271

Creative Cloud Desktop versions 6.7.0.278 and earlier are affected by a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability that could lead to arbitrary file system write. A low-privileged attacker could exploit the timing between the check and use of a resource, potentially allowing unauthorized modifications to files. Exploitation of this issue does not require user interaction.

Published: Oct 15, 2025
Updated: Nov 17, 2025
CVE: CVE-2025-54271
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.6
AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:H/A:N

CWEs:

CWE-367

Affected Software
References

Software	From	Fixed in
adobe / creative_cloud	-	6.8.0.821

https://helpx.adobe.com/security/products/creative-cloud/apsb25-95.html

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo