Adobe has released critical security updates to address 13 vulnerabilities across multiple product lines, including Adobe Commerce and Photoshop, as part of its Patch Tuesday release.
Furthermore, among the issues addressed are 10 serious flaws in Adobe Commerce and Magento Open Source, which are frequently targeted by malicious actors. These vulnerabilities could potentially lead to arbitrary code execution, privilege escalation, arbitrary file system reading, security feature bypass, and application denial-of-service attacks. Adobe has specified the affected software versions, including Adobe Commerce versions 2.4.7-beta1 and earlier, and Magento Open Source versions 2.4.7-beta1 and earlier.
Additionally, one notable concern is a critical-severity flaw, designated as CVE-2023-26370, in Adobe Photoshop. This vulnerability has the potential for code execution attacks on both Windows and macOS systems.
Adobe has urged users to apply these patches promptly to mitigate the risks associated with these vulnerabilities. Although Adobe has not been aware of any active exploits for the documented vulnerabilities, addressing them is crucial to maintaining system security. Additionally, Adobe released fixes for two vulnerabilities in Adobe Bridge that could result in memory corruption exploitation.