Security News > 2022 > February > Adobe fixes zero-day exploit in e-commerce code: update now!

Adobe fixes zero-day exploit in e-commerce code: update now!
2022-02-14 22:38

Make sure that the site where Magento or Adobe Commerce is actually running has downloaded and applied Adobe's latest patches.

Adobe has released security updates for Adobe Commerce and Magento Open Source.

Adobe is aware that CVE-2022-24086 has been exploited in the wild in very limited attacks targeting Adobe Commerce merchants.

According to Adobe, it seems that any Adobe Commerce or Magento installation running a version later than 2.3.3 that hasn't received the latest patches is vulnerable.

Watch your statements carefully if you've shopped recently at a site driven by Magento or Adobe Commerce.

Keep your eyes open for follow-up information from Adobe that gives actionable details about CVE-2022-24086 and the attacks known to have exploited it.


News URL

https://nakedsecurity.sophos.com/2022/02/14/adobe-fixes-zero-day-exploit-in-e-commerce-code-update-now/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Adobe 105 47 824 1650 622 3143