Attackers can leverage the critical Adobe ColdFusion flaw to launch arbitrary code execution attacks.
In an unscheduled security update, Adobe is warning of a critical security flaw in its ColdFusion platform, used for building web applications.
The security alert comes two weeks after Adobe’s regularly-scheduled updates. During these updates, the tech company issued patches for a slew of critical security vulnerabilities, which, if exploited, could allow for arbitrary code execution on vulnerable Windows systems.
The latest flaw (CVE-2021-21087) exists in ColdFusion versions 2016 (Update 16 and earlier), 2018 (Update 10 and earlier) and 2021 (Version 2021.0.0.323925), and…