Adobe Patches

April 9, 2025Ravi LakshmananSoftware Security/Vulnerabilities

Adobe has released a security update to fix the latest security information set, including multiple critical level bugs in ColdFusion versions 2025, 2023, and 2021.

Of the 30 defects in the product, 11 are rated as important in severity –

CVE-2025-244446 (CVSS score: 9.1) – Inappropriate input validation vulnerability that could read any file system CVE-2025-24447 (CVSS score: 9.1) – Untrusted data vulnerability that could cause execution of any code code Inappropriate access control vulnerability that could lead to any file system CVE-2025-30282 (CVSS score: 9.1) – Inappropriate authentication vulnerability that could lead to any code execution CVE-2025-30284 (CVSS score: 8.0) – Possible degraded CVE-2025-30285 (CVSS score: 8.0) that could lead to untrusted data vulnerabilities that could lead to arbitrary code execution a-2025-30286 (CVSS score: 8.0) that could lead to arbitrary code execution operating system command injection vulnerabilities that could lead to arbitrary code execution vulnerabilities that could lead to arbitrary code execution vulnerabilities that could lead to arbitrary code execution vulnerabilities that could lead to arbitrary code execution vulnerabilities that could lead to arbitrary code execution vulnerabilities that could lead to security feature bypass

“These updates resolve critical and critical vulnerabilities that can lead to reading any file system, execution of any code, and bypassing security features,” Adobe said in its advisory.

The vulnerability was resolved in the following versions –

ColdFusion2021 Update 19 ColdFusion 2023 Update 13, and ColdFusion 2025 Update1

Also released fixes to address after effects (CVE-2025-27182, CVE-2025-27183), media encoder (CVE-2025-27195), CVE-2025-27195), and several outbound write and heap-based buffer overflow bugs. (CVE-2025-27196), Photoshop (CVE-2025-27198), Animate (CVE-2025-27199), and Framemaker (CVE-2025-30304, CVE-2025-30297, CVE-2025-30295) can cause any code executive.

Adobe also noted that it is unaware of any of the aforementioned drawbacks. That said, it is essential for users to update their installation to the latest version to protect against potential threats.

Did you find this article interesting? Follow us on Twitter and LinkedIn to read exclusive content you post.

Source link

What's Hot

Parallel Web Systems reaches $2 billion valuation 5 months after last major funding

SAP-related npm packages compromised in supply chain attack that steals credentials

Bill Gurley and Jack Altman back Pursuit, a startup that helps companies sell to governments

SAP-related npm packages compromised in supply chain attack that steals credentials

New wave of North Korean attacks using AI-embedded npm malware, fake companies, and RATs

How to automate exposure verification at the speed of AI attacks

Parallel Web Systems reaches $2 billion valuation 5 months after last major funding

SAP-related npm packages compromised in supply chain attack that steals credentials

Bill Gurley and Jack Altman back Pursuit, a startup that helps companies sell to governments

Uber is now entering the hotel business thanks to AI

Castilla-La Mancha Ignites Innovation: fiveclmsummit Redefines Tech Future

Local Power, Health Innovation: Alcolea de Calatrava Boosts FiveCLM PoC with Community Engagement

The Future of Digital Twins in Healthcare: From Virtual Replicas to Personalized Medical Models

Human Digital Twins: The Next Tech Frontier Set to Transform Healthcare and Beyond

What's Hot

Adobe Patches

Related Posts