Monthly Archives: July 2023

Critical Adobe ColdFusion flaws chained in ongoing cyber attacks

Two vulnerabilities in the Adobe ColdFusion platform are being actively exploited by threat actors in a series of cyber attacks, apparently after a proof of concept (PoC) for one of them was accidentally released to the public by researchers. The two vulnerabilities in question are CVE-2023-29298, an access control bypass flaw, and CVE-2023-38203, a remote code execution flaw. Together they appear to be used to drop web shells on vulnerable ColdFusion instances to enable further attacks. However, according to Caitlin Condon of Rapid7, who has been tracking the vulnerabilities and posted new evidence detailing the exploit chain late on Monday 17 July, some confusion seems to have arisen over exactly what is going on. The background to the issue…

Active Exploitation of Multiple Adobe ColdFusion Vulnerabilities

Last updated at Thu, 10 Aug 2023 20:45:27 GMT

Rapid7 managed services teams have observed exploitation of Adobe ColdFusion in multiple customer environments. The attacks our team has responded to thus far appear to be chaining CVE-2023-29298, a Rapid7-discovered access control bypass in ColdFusion that was disclosed on July 11, with an additional vulnerability. The behavior our teams are observing appears to be consistent with a zero-day exploit published (and then subsequently taken down) by Project Discovery circa July 12.

Background

On Tuesday, July 11, Adobe released fixes for several vulnerabilities affecting ColdFusion, including a Rapid7-discovered access control bypass vulnerability (CVE-2023-29298) that we disclosed…
