all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Critical Security Update for Magento Open Source & Adobe Commerce

Add to bookmarks
Aug. 16, 2023, 7:09 p.m. | Ben Martin

Sucuri Blog blog.sucuri.net

Last week on August 8th, 2023, Adobe released a critical security patch for Adobe Commerce and the Magento Open Source CMS. The patch provides fixes for three vulnerabilities which affect the popular ecommerce platforms. Successful exploitation could lead to arbitrary code execution, privilege escalation and arbitrary file system read.


Affected versions of Magento Open Source are as follows:



  • 2.4.6-p1 and earlier

  • 2.4.5-p3 and earlier

  • 2.4.4-p4 and earlier


Website administrators are advised to update their software immediately to mitigate risk to …

adobe adobe commerce august cms code code execution commerce critical ecommerce ecommerce security escalation exploitation file file system fixes magento magento security open source patch platforms popular privilege privilege escalation security security patch security update system update vulnerabilities vulnerability disclosure week

Visit resource

More from blog.sucuri.net / Sucuri Blog

What is a Zero-Day Vulnerability? 2 days, 23 hours ago | blog.sucuri.net
best practices can dev dev teams +19
What is Cookie Hijacking 5 days ago | blog.sucuri.net
access accounts application attackers +25
JavaScript Malware Switches to Server-Side Redirects & DNS TXT Records as TDS 1 week, 3 days ago | blog.sucuri.net
august black hat tactics campaign cloud +30
WordPress Maintenance: Tasks & Best Practices 1 week, 4 days ago | blog.sucuri.net
best practices can expertise guide +10
Credit Card Skimmer Hidden in Fake Facebook Pixel Tracker 2 weeks, 3 days ago | blog.sucuri.net
admin amp area attackers +32
Web Shells: Types, Mitigation & Removal 2 weeks, 5 days ago | blog.sucuri.net
access attackers best practices compromised +33
Magento Shoplift: Ecommerce Malware Targets Both WordPress & Magento CMS 3 weeks, 4 days ago | blog.sucuri.net
adoption black hat tactics can cms +19
WordPress Vulnerability & Patch Roundup March 2024 1 month ago | blog.sucuri.net
attacks automated awareness best practices +32
Sign1 Malware: Analysis, Campaign History & Indicators of Compromise 1 month, 1 week ago | blog.sucuri.net
analysis campaign clear client +20

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Lead Technical Product Manager - Threat Protection

@ Mastercard | Remote - United Kingdom
View on infosec-jobs.com

Data Privacy Officer

@ Banco Popular | San Juan, PR
View on infosec-jobs.com

GRC Security Program Manager

@ Meta | Bellevue, WA | Menlo Park, CA | Washington, DC | New York City
View on infosec-jobs.com

Cyber Security Engineer

@ ASSYSTEM | Warrington, United Kingdom
View on infosec-jobs.com

Privacy Engineer, Technical Audit

@ Meta | Menlo Park, CA
View on infosec-jobs.com
View more jobs