Critical Security Update for Magento Open Source & Adobe Commerce | allinfosecnews.com

Aug. 16, 2023, 7:09 p.m. | Ben Martin

Sucuri Blog blog.sucuri.net

Last week on August 8th, 2023, Adobe released a critical security patch for Adobe Commerce and the Magento Open Source CMS. The patch provides fixes for three vulnerabilities which affect the popular ecommerce platforms. Successful exploitation could lead to arbitrary code execution, privilege escalation and arbitrary file system read.

Affected versions of Magento Open Source are as follows:

2.4.6-p1 and earlier

2.4.5-p3 and earlier

2.4.4-p4 and earlier

Website administrators are advised to update their software immediately to mitigate risk to …

adobe adobe commerce august cms code code execution commerce critical ecommerce ecommerce security escalation exploitation file file system fixes magento magento security open source patch platforms popular privilege privilege escalation security security patch security update system update vulnerabilities vulnerability disclosure week

More from blog.sucuri.net / Sucuri Blog

From Privacy to Exfiltration: Telegram’s Role in Website Malware 2 days, 14 hours ago | blog.sucuri.net

abuse black hat tactics creators cybercriminals +21

WordPress Vulnerability & Patch Roundup May 2024 4 days, 12 hours ago | blog.sucuri.net

attacks automated awareness disclosures +32

How to Fix the NET::ERR_CERT_DATE_INVALID Error 1 week, 1 day ago | blog.sucuri.net

address can certificate connection +14

Server Side Credit Card Skimmer Lodged in Obscure Plugin 1 week, 3 days ago | blog.sucuri.net

attackers card credit credit card +22

What is HTTP 504 Gateway Timeout & How to Fix It 2 weeks, 4 days ago | blog.sucuri.net

best practices can error errors +14

What is HTTP Error 502 Bad Gateway & How to Troubleshoot It 3 weeks, 2 days ago | blog.sucuri.net

bad best practices can error +21

What is HTTP Error 429: Too Many Requests 3 weeks, 4 days ago | blog.sucuri.net

access can code error +15

Mal.Metrica Redirects Users to Scam Sites 4 weeks, 2 days ago | blog.sucuri.net

analysts black hat tactics click compromised +11

WordPress Vulnerability & Patch Roundup April 2024 1 month ago | blog.sucuri.net

april attacks automated awareness +33

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland

View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City

View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL

View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US

View on infosec-jobs.com

Corporate Intern - Information Security (Year Round)

@ Associated Bank | US WI Remote

View on infosec-jobs.com

Senior Offensive Security Engineer

@ CoStar Group | US-DC Washington, DC

View on infosec-jobs.com