October 3, 2023

The US CISA added a critical flaw, CVE-2023-26359 (CVSS score 9.8), affecting Adobe ColdFusion to its Known Exploited Vulnerabilities Catalog.

Adobe fixed the vulnerability in March 2023. It is a deserialization of untrusted data issue in Adobe ColdFusion that can lead to arbitrary code execution in the context of the current user.

The exploitation of this issue does not require user interaction.

Adobe is aware of very limited attacks in the wild exploiting this ColdFusion flaw.

CISA orders federal agencies to fix this flaw by September 11, 2023.
