Vulnerability Affecting Adobe ColdFusion Exploited In The Wild

CISA added a critical arbitrary code execution vulnerability affecting Adobe ColdFusion 2021 and 2018 to its catalog of security bugs exploited in the wild. Adobe has released the security updates for those Adobe versions and recommended admins install the updates asap; however, Adobe's advisory didn't mention the active exploitation of the vulnerability in the wild. The zero-day also affects older versions of Adobe, such as 2016, but those aren't officially supported anymore. Read more...