Dec 06, 2023NewsroomVulnerability / Web Server Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned of active exploitation of a high-severity Adobe ColdFusion vulnerability by unidentified threat actors to gain initial access to government servers. “The vulnerability in ColdFusion (CVE-2023-26360) presents as an improper access control issue and exploitation of this CVE can result in arbitrary code execution,” CISA said, adding an unnamed federal agency was targeted between June and July 2023. The shortcoming affects ColdFusion 2018 (Update 15 and earlier versions) and ColdFusion 2021 (Update 5 and earlier versions). It has been addressed in versions Update 16 and Update 6, respectively, released on March 14, 2023. It was added by CISA to the Known… Source link
Read More »Unpatched Adobe ColdFusion bug led to double breach of US federal agency
Threat actors abused a known Adobe ColdFusion bug to carry out two attacks on a U.S. federal agency’s systems two months after a mandated deadline to mitigate the vulnerability had passed. The incident was disclosed in a Dec. 5 cybersecurity advisory published by the Cybersecurity and Infrastructure Security Agency (CISA) which did not name the federal civilian executive branch (FCEB) agency involved. The attacks — carried out by either one or two unknown threat groups — exploited CVE-2023-26360, an improper access control vulnerability that can result in arbitrary code execution. The bug affects versions of ColdFusion 2018 prior to Update 16 and ColdFusion 2021 prior to Update 6. It also affects two older versions of the web-application development software which are no longer… Source link
Read More »Adobe ColdFusion Vulnerability Exploited in Attacks on US Government Agency – SecurityWeek
[unable to retrieve full-text content]Adobe ColdFusion Vulnerability Exploited in Attacks on US Government Agency SecurityWeek Source link
Read More »Threat actors breached US govt systems by exploiting Adobe ColdFusion flaw – Security Affairs
[unable to retrieve full-text content]Threat actors breached US govt systems by exploiting Adobe ColdFusion flaw Security Affairs Source link
Read More »ColdFusion Exploit Used to Access Federal Agency – Duo Security
[unable to retrieve full-text content]ColdFusion Exploit Used to Access Federal Agency Duo Security Source link
Read More »Federal agency breached through Adobe ColdFusion vulnerability – The Record from Recorded Future News
[unable to retrieve full-text content]Federal agency breached through Adobe ColdFusion vulnerability The Record from Recorded Future News Source link
Read More »CISA details twin attacks on federal servers via unpatched ColdFusion flaw – The Register
[unable to retrieve full-text content]CISA details twin attacks on federal servers via unpatched ColdFusion flaw The Register Source link
Read More »Critical Vulnerability in Adobe ColdFusion Exploited by Hackers … – CityLife
[unable to retrieve full-text content]Critical Vulnerability in Adobe ColdFusion Exploited by Hackers … CityLife Source link
Read More »Threat Actors Exploit Adobe ColdFusion CVE-2023-26360 for Initial … – CISA
[unable to retrieve full-text content]Threat Actors Exploit Adobe ColdFusion CVE-2023-26360 for Initial … CISA Source link
Read More »Hackers breach US govt agencies using Adobe ColdFusion exploit
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning about hackers actively exploiting a critical vulnerability in Adobe ColdFusion identified as CVE-2023-26360 to gain initial access to government servers. The security issue allows executing arbitrary code on servers running Adobe ColdFusion 2018 Update 15 and older, and 2021 Update 5 and earlier. It was exploited as a zero day before Adobe fixed it in mid-March by releasing ColdFusion 2018 Update 16 and 2021 Update 6. At the time, CISA published a notice about threat actors exploiting the flaw and urged federal organizations and state services to apply the available security updates. In an alert today, America’s Cyber Defense Agency warns that CVE-2023-26360 is still leveraged in attacks, showcasing… Source link
Read More »