Summary: Adobe released vital security updates addressing 54 vulnerabilities in various software products, including critical flaws in ColdFusion that could allow remote code execution. The updates aim to protect users from malicious attacks, including privilege escalation and denial-of-service. Adobe emphasized the urgency, especially for ColdFusion and Commerce users, to implement these patches promptly.
Affected: Adobe ColdFusion, Adobe Commerce, Adobe FrameMaker, Adobe Photoshop, Adobe Premiere Pro, Adobe After Effects, Adobe Media Encoder
Keypoints:
- Adobe’s security updates cover critical vulnerabilities in multiple products, with ColdFusion issues ranked as vital.
- Fifteen documented vulnerabilities in ColdFusion can lead to arbitrary file system read and code execution risks.
- Other affected products, such as Premiere Pro and After Effects, also require immediate updates to mitigate potential remote code execution attacks.
Source: https://www.securityweek.com/adobe-calls-urgent-attention-to-critical-coldfusion-flaws/