Based on evidence of active exploitation, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a security flaw affecting Adobe ColdFusion to its Known Exploited Vulnerabilities (KEV) list on March 15.
CVE-2023-26360 (CVSS rating: 8.6) is the primary weakness in question, which could potentially allow a threat actor to execute arbitrary code.
According to CISA, Adobe ColdFusion has an inappropriate access control vulnerability that permits remote code execution.
The issue affects ColdFusion 2021 and ColdFusion 2018 (Update 15 and previous versions) (Update 5 and earlier versions). Additionally, versions Update 16 and Update 6, both issued on March 14, 2023, both address it.
It’s important to note that CVE-2023-26360 also affects installations of ColdFusion 2016 and ColdFusion 11, both of which the software provider no longer supports as they have reached end-of-life (EoL).
In an advisory, Adobe acknowledged the existence of the vulnerability and stated that it has been “exploited in the wild in extremely limited attacks.” However, the specifics of the attacks are currently unclear.
By April 5, 2023, Federal Civilian Executive Branch (FCEB) organizations must implement the modifications to protect their networks from potential threats.
Security researchers Pete Freitag and Charlie Arehart, who discovered and disclosed the vulnerability, have characterized it as a “severe” issue that could potentially result in “arbitrary code execution” and “arbitrary file system read.”
MANAGED CYBERSECURITY SOLUTIONS
Rhyno delivers a range of activities that combine to fully protect your infrastructure and data from cybercriminals, anywhere and everywhere, 24/7/365.
About Rhyno Cybersecurity Services
Rhyno Cybersecurity is a Canadian-based company focusing on 24/7 Managed Detection and Response, Penetration Testing, Enterprise Cloud, and Cybersecurity Solutions for small and midsize businesses.
Our products and services are robust, innovative, and cost-effective. Underpinned by our 24x7x365 Security Operations Centre (SOC), our experts ensure you have access to cybersecurity expertise when you need it the most.