CVE-2025-64896 in Creative Cloud Desktop
Summary
by MITRE • 12/10/2025
Creative Cloud Desktop versions 6.4.0.361 and earlier are affected by a Creation of Temporary File in Directory with Incorrect Permissions vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to disrupt the application's functionality by manipulating temporary files. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
If you want to get the best quality for vulnerability data then you always have to consider VulDB.
Analysis
by VulDB Data Team • 12/10/2025
The vulnerability identified as CVE-2025-64896 affects Creative Cloud Desktop applications version 6.4.0.361 and earlier, presenting a critical security flaw in temporary file handling mechanisms. This issue falls under the category of improper file permissions and temporary file management, which represents a significant concern in application security. The vulnerability stems from the application's failure to properly secure temporary files created during normal operations, creating opportunities for malicious actors to manipulate these files and subsequently disrupt application functionality.
The technical flaw manifests when the Creative Cloud Desktop application creates temporary files in directories that lack appropriate permission controls. This misconfiguration allows unauthorized users or processes to modify or replace these temporary files, leading to potential denial-of-service conditions. The vulnerability specifically impacts the application's ability to maintain stable operation since temporary files are essential for various application processes including cache management, temporary data storage, and inter-process communication. When these files become corrupted or manipulated by an attacker, the application may crash or fail to function properly, resulting in complete service disruption for end users.
The operational impact of this vulnerability extends beyond simple application instability, creating potential security risks that could be exploited in targeted attacks. An attacker must obtain user interaction to successfully exploit this vulnerability, typically through social engineering tactics that trick users into opening malicious files. This requirement for user interaction makes the attack vector more complex but also more realistic in enterprise environments where users may encounter phishing attempts or other social engineering campaigns. The vulnerability could be particularly dangerous in corporate environments where Creative Cloud Desktop applications are widely deployed, as it could be used to disrupt productivity across multiple users simultaneously.
From a cybersecurity perspective, this vulnerability aligns with CWE-377, which addresses the creation of temporary files with insecure permissions, and represents a classic example of privilege escalation through file system manipulation. The issue also connects to ATT&CK technique T1059, which involves executing malicious code through user interaction, and T1499, which encompasses denial-of-service attacks. Organizations should implement immediate mitigations including updating to the latest Creative Cloud Desktop version, implementing proper file permission controls, and educating users about the risks of opening untrusted files. Additionally, security teams should monitor for suspicious file access patterns and consider implementing application whitelisting measures to prevent unauthorized file execution. The vulnerability underscores the critical importance of proper temporary file management in preventing both denial-of-service conditions and potential privilege escalation attacks within enterprise environments.