Adobe has released a security update for Adobe Commerce, Magento Open Source, and the Adobe Commerce Webhooks Plugin. This update addresses critical and important vulnerabilities that could lead to severe security issues, including arbitrary code execution, security feature bypass, and privilege escalation.
The update is particularly important as Adobe has identified that CVE-2024-34102, one of the vulnerabilities addressed, has been exploited in the wild. These limited attacks have specifically targeted Adobe Commerce merchants, making the update crucial for protecting against these active threats.
Successful exploitation of these vulnerabilities could allow attackers to execute unauthorized code, bypass security features, and escalate privileges, which poses significant risks to affected systems. Adobe’s prompt release of this update aims to mitigate these risks and enhance the security of its products.
Users are encouraged to apply the update as soon as possible to ensure their systems are protected against these critical vulnerabilities. The update serves as a vital measure to safeguard against potential exploits and maintain the integrity of Adobe Commerce and related platforms.
Reference:
