all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Critical Adobe ColdFusion Vulnerability (CVE-2023-26360) Exploited as a Zero-day

Add to bookmarks
March 16, 2023, 8:55 a.m. |

FortiGuard Labs | FortiGuard Center - Threat Signal Report fortiguard.fortinet.com

FortiGuard Labs is aware of a report that an improper access control vulnerability in Adobe ColdFusion (CVE-2023-26360) was observed to have been exploited in the wild. Unauthenticated attackers can exploit the vulnerability to achieve arbitrary code execution on a remote machine. On March 15th, CISA added CVE-2023-26360 to the Known Exploited Vulnerability catalog.Why is this Significant?This is significant because Adobe reported that an improper access control vulnerability in Adobe ColdFusion (CVE-2023-26360) was exploited in the wild. CISA also added the …

access access control adobe adobe coldfusion attackers aware catalog cisa code code execution coldfusion control critical cve cve-2023-26360 exploit exploited labs machine march report vulnerability zero-day

Visit resource

More from fortiguard.fortinet.com / FortiGuard Labs | FortiGuard Center - Threat Signal Report

PAN-OS Critical Flaw in GlobalProtect Gateway (CVE-2024-3400) 22 hours ago | fortiguard.fortinet.com
advisory attack code code injection +27
XZ Utils Supply Chain Attack (CVE-2024-3094) 1 week, 6 days ago | fortiguard.fortinet.com
attack code compression cve +25
Nice Linear eMerge Command Injection Vulnerability (CVE-2019–7256) 2 weeks, 6 days ago | fortiguard.fortinet.com
access attacker code code execution +25
Jenkins Arbitrary File Read Vulnerability (CVE-2024-23897) 2 weeks, 6 days ago | fortiguard.fortinet.com
access application application developers attackers +31
Kimsuky Malware Attack 3 weeks ago | fortiguard.fortinet.com
attack cyber entities espionage +15
JetBrains TeamCity Authentication Bypass Vulnerabilities (CVE-2024-27198, CVE-2024-27199) 1 month ago | fortiguard.fortinet.com
attacker authentication authentication bypass bypass +15
ConnectWise ScreenConnect Vulnerabilities (CVE-2024-1708 and CVE-2024-1709) 1 month, 2 weeks ago | fortiguard.fortinet.com
access advisory application attackers +28
Microsoft Exchange Server Elevation of Privilege Vulnerability (CVE-2024-21410) 1 month, 4 weeks ago | fortiguard.fortinet.com
attacks can critical cve +27
Ivanti Connect Secure and Policy Secure Gateways Zero-day Vulnerabilities (CVE-2023-46805, CVE-2024-21887, CVE-2024-21888, CVE-2024-21893) 2 months, 1 week ago | fortiguard.fortinet.com
advisory application authentication authentication bypass +23

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Information Systems Security Engineer (ISSE)

@ Wyetech | Ft. Belvoir, Virginia
View on infosec-jobs.com

Security Consultant, FedRAMP Assessment | Remote US

@ Coalfire | United States
View on infosec-jobs.com

PAI/OSINT Administration Policy SME

@ Accenture Federal Services | Washington, DC
View on infosec-jobs.com

Field CISO

@ Lacework | United States
View on infosec-jobs.com

Risk Advisory Forensic Technology Services Senior

@ KPMG India | Mumbai, Maharashtra, India
View on infosec-jobs.com
View more jobs