Summary: The Cybersecurity and Infrastructure Security Agency (CISA) has added vulnerabilities affecting Adobe ColdFusion and Oracle Agile PLM to its Known Exploited Vulnerabilities catalog based on evidence of active exploitation. The vulnerabilities pose significant security risks, including arbitrary code execution and system compromise. Users and federal agencies are urged to apply the available updates to mitigate these threats.
Affected: Adobe ColdFusion, Oracle Agile Product Lifecycle Management (PLM)
Key points:
- CVE-2017-3066 (CVSS 9.8) allows arbitrary code execution in Adobe ColdFusion; fixed in April 2017.
- CVE-2024-20953 (CVSS 8.8) enables low-privileged attackers to compromise Oracle Agile PLM via HTTP; fixed in January 2024.
- Users should apply the updates to reduce the risk of exploitation; federal agencies have until March 17, 2025, to secure their networks.
- GreyNoise reports 110 malicious IPs linked to active exploitation attempts, primarily from Bulgaria, Brazil, and Singapore.
- The article also notes separate activity by the state-sponsored group Salt Typhoon, which targets telecom networks using other CVEs.
Source: https://thehackernews.com/2025/02/two-actively-exploited-security-flaws.html