In a fresh alert, CERT-In, India’s nodal agency for cybersecurity, has spotlighted a series of high-risk vulnerabilities in various Adobe products. The products in the spotlight include Adobe Substance 3D Designer, Adobe Experience Manager, and versions of Adobe Animate for both Windows and macOS.
What Happened? Delving into the specifics, these vulnerabilities could potentially let cybercriminals sidestep security measures and run any code they wish on the victim’s device. The root causes? A mix of issues ranging from input validation errors to cross-site scripting. In layman’s terms, hackers can exploit these flaws by sending specially designed requests to the affected software.
Adobe has already rolled out security updates to patch these vulnerabilities, and CERT-In strongly recommends users promptly install these updates, as detailed in Adobe’s official security bulletin.
More security concerns: In a separate advisory, CERT-In also highlighted a security flaw in MOVEit Transfer, a file transfer solution. This flaw, termed as an SQL injection vulnerability, could let hackers access the software’s database without any authentication.
Essentially, attackers can send a malicious payload to MOVEit Transfer, potentially altering or accessing its database content. Worryingly, this isn’t the first time such a vulnerability has been flagged, and hackers are actively exploiting it.
Get all the latest Share Market trends and news to set you up for the week ahead.
© 2023 Benzinga.com. Benzinga does not provide investment advice. All rights reserved.