Adobe Security Bulletin
Security update available for Adobe Dreamweaver | APSB20-55
Bulletin ID Date Published Priority
APSB20-55
October 20, 2020
3

Summary

Adobe has released a security update for Adobe Dreamweaver.  This update resolves a vulnerability rated important. Successful exploitation could lead to privilege escalation in the context of the current user.    

Affected Versions

Product Affected Versions Platform
Adobe Dreamweaver  20.2 and earlier versions  
Windows and macOS

Solution

Adobe categorizes this update with the following priority rating and recommends users to use latest builds for new installation via the Creative Cloud desktop app updater, or by navigating to the Dreamweaver Help menu and clicking "Updates." For more information, please reference this help page.  

Product Updated Version Platform Priority rating
Adobe Dreamweaver  21.0
Windows and macOS 
3

Note:

Note:  For managed environments, IT administrators can use the Creative Cloud Packager to create deployment packages. Refer to this help page for more information on the Creative Cloud Packager.   

Vulnerability Details

Vulnerability Category Vulnerability Impact Severity CVE Numbers
Uncontrolled Search Path Element
Privilege Escalation  Important CVE-2020-24425

Updates to dependencies

Dependency
Vulnerability Impact
Affected Version
libCURL
Privilege escalation
Dreamweaver 20.1 and earlier versions

Acknowledgements

Adobe would like to thank Xavier DANEST from Decathlon for reporting these issues and working with Adobe to help protect our customers.