The open-source platform of Magento CMS also received patches for 13 flaws: 6 critical, 4 important, and 3 moderate in severity. Bridge versions 10.0.4 and up have all these issues resolved, so install the needed patches. The other ones are issues regarding information stealing. The most severe bugs out of these can cause major damage when exploited due to malicious code execution and information leaks.Ĭritical vulnerabilities involve mainly digital management app Adobe Bridge that is found vulnerable to 17 flaws, and 14 of them can lead to remote attacks and are critical, as security researchers discovered. The software developer released three separate security advisories addressing all 35 vulnerabilities, including 25 critical flaws. 35 vulnerabilities and 25 out of them are deemed critical Three of them are listed as important, the other ones as critical, so the update was out-of-band for a reason. Seventeen flaws in Bridge that allow information disclosure and arbitrary code execution get fixed with this patch. This is the digital asset management software used by many companies and organizations. The biggest part of these flaws affects Adobe Bridge versions for macOS and Windows. There are several Critical-rated CVEs being addressed that could allow a remote attacker to execute code on a system if a user opened a specially crafted file. These bugs can lead to even data loss and breaches. These remote code execution vulnerabilities are considered critical because remote attackers can launch commands on the security context of the exploited process. When one of the programs gets affected, multiple arbitrary codes can be easily executed or data infiltrated. The update includes patches for 35 newly discovered vulnerabilities that were reported as critical. Magento, Bridge, and Illustrator received fixes for possible arbitrary code execution vulnerabilities with the newest Adobe update.Īdobe released emergency updates for Adobe Illustrator, Adobe Bridge, and Magento e-commerce platforms. Adobe released updates that patch critical remote code execution vulnerabilities besides other security flaws
0 Comments
Leave a Reply. |