One Article Review
| Source |  Cyble |
|---|---|
| Identifiant | 8648875 |
| Date de publication | 2025-02-18 14:09:54 (vue: 2025-02-18 15:08:15) |
| Titre | CERT-In Issues Critical Warning on Adobe Software Security Flaws |
| Texte | 
Overview
The Indian Computer Emergency Response Team (CERT-In) has issued a critical security advisory (CIVN-2025-0025) detailing multiple vulnerabilities across various Adobe products. These security flaws pose significant risks, including unauthorized code execution, privilege escalation, security bypass, and denial-of-service (DoS) attacks. Users and administrators of affected Adobe software are urged to apply security updates immediately to mitigate these risks.
Affected Software
The vulnerabilities impact multiple Adobe products across different versions. The affected software includes:
Adobe InDesign
InDesign 1D20.0 and earlier versions
InDesign 1D19.5.1 and earlier versions
Adobe Commerce
Adobe Commerce 2.4.4-p11 and earlier versions
Adobe Commerce B2B 1.3.3-p11 and earlier versions
Magento Open Source 2.4.4-p11 and earlier versions
Adobe Substance 3D Stager
Substance 3D Stager 3.1.0 and earlier versions
Adobe InCopy
InCopy 20.0 and earlier versions
|
| Notes | ★★★ |
| Envoyé | Oui |
| Condensat | 0025 1024x512 1d19 1d20 2024 20240918 2025 300x150 access across act actions activities activity: actors administrators adobe advisories advisory affected after allocated allowing application applications apply applying arbitrary are arithmetic assessment attack attacker attackers attacks attempts authorization available awareness: b2b backups backups: based behavior best beyond blogs bounds buffer builds: built bulletin bypass bypass: bypassing cae27345 can caption= case causing cert changes check checks circumvent civn classified code com/wp commerce compromise compromised computer conclusion condition: content/uploads/2025/02/cyble control control: controlled controls corruption crashes creation critical cross crucial cyble d3263bae data denial dereference: designer detailing details different digital disrupting dos during earlier ecosystem educate elements elevated emergency enable enabling ensure ensuring environments errors escalation escalation: execution execution: exploit exploitation exploiting exposing feature features: file file= files firewalls flaws following free: from full further gain gaining growing has heap high higher highlight https://cyble https://www illustrator image immediately impact implement improper includes: including including: incopy incorrect indesign indian information infrastructure injection input instability installed integer issued issues jpg large latest lead leading machines magento maintain maintaining making malicious may measures medium memory minimize mitigate mitigating mitigation modify monitor multiple must need null open operations org organizations out outside over overflow: overview p11 patches path permissions: phishing photoshop pointer pointers pose possible potential potentially practices prevent privilege privileges privileges: proactive productivity products promptly pse race read: reading recognizing recommended recommends recovery reduce references regular regularly released relying remain reported resources response restrict restricted result risk risks run safeguard scripting scripts secure security sensitive service settings should should: significant site software software: soon source stack stager state staying stem stored strongly substance successful such suspicious swiftly system systems team teams technical temporary them these threats time title= toctou traversal: unauthorized unavailability underflow unpredictable unusual update updated updates urged use user users validation: various versions vigilant vulnerabilities warning wraparound write: writing xss |
| Tags | Vulnerability Threat |
| Stories | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.