Vulnerabilities

Adobe warns customers of a critical ColdFusion RCE exploited in attacks

Issued by: Security Affairs

Source
Advertisement


Adobe warns customers of a critical ColdFusion pre-authentication remote code execution vulnerability, tracked as CVE-2023-29300 (CVSS score 9.8), that is actively exploited in attacks in the wild.

“Adobe is aware that CVE-2023-29300 has been exploited in the wild in very limited attacks targeting Adobe ColdFusion,” reads a statement sent by the company to its customers.

An unauthenticated visitor can exploit the vulnerability to remotely execute commands on vulnerable Coldfusion 2018, 2021, and 2023 servers.

Read more
You might also like
Vulnerabilities

Mastodon: different social network, additional risks

Vulnerabilities

Google Patches Two More Exploited Zero-Day Vulnerabilities in Chrome

Vulnerabilities

Researchers Publish Details on Recent Critical Hyper-V Vulnerability

Vulnerabilities

Microsoft Confirms ‘PrintNightmare’ is New Windows Security Flaw

Advertisement