Adobe Security Bulletin

Last updated on May 19, 2022

Security updates available for Adobe Photoshop | APSB20-45

Bulletin ID	Date Published	Priority
APSB20-45	July 21, 2019	3

Summary

Adobe has released updates for Photoshop for Windows and macOS. These updates resolve multiple critical and medium vulnerabilities. Successful exploitation could lead to arbitrary code execution in the context of the current user.   

Affected Product Versions

Product	Affected version	Platform
Photoshop CC 2019	20.0.9 and earlier	Windows and macOS
Photoshop 2020	21.2 and earlier	Windows and macOS

Solution

Adobe categorizes these updates with the following priority ratings and recommends users update their installation to the newest version via the Creative Cloud desktop app’s update mechanism.  For more information, please reference this help page.   

Product	Updated versions	Platform	Priority
Photoshop CC 2019	20.0.10	Windows and macOS	3
Photoshop CC	21.2.1	Windows and macOS	3

Note:

For managed environments, IT administrators can use the Admin Console to deploy Creative Cloud applications to end users. Refer to this help page for more information.

Vulnerability details

Vulnerability Category	Vulnerability Impact	Severity	CVE Number
Out-of-bounds read	Arbitrary code execution	Critical	CVE-2020-9683 CVE-2020-9686
Out-of-bounds write	Arbitrary code execution	Critical	CVE-2020-9684 CVE-2020-9685 CVE-2020-9687
Security bypass	Privilege Escalation	Important	CVE-2020-9709

Acknowledgments

Adobe would like to thank the following individuals and organizations for reporting the relevant issues and for working with Adobe to help protect our customers:   

Mat Powell of Trend Micro Zero Day Initiative (CVE-2020-9683, CVE-2020-9686, CVE-2020-9684, CVE-2020-9685, CVE-2020-9687)
Xavier DANEST from Decathlon (CVE-2020-9709)

Revisions

May 10, 2022: Affected Version Platform revised.

Adobe

Get help faster and easier

New user?