1.0 Introduction
Recently, Adobe released security updates to address vulnerabilities in Adobe ColdFusion version 2023 and 2021.
2.0 Impact
A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.
3.0 Affected Products
- Adobe ColdFusion 2023 update 11 and earlier versions
- Adobe ColdFusion 2021 update 17 and earlier versions
4.0 Recommendations
CyberSecurity Malaysia encourages users and administrators to review the following Adobe Security Bulletins and apply the necessary updates:
- Adobe ColdFusion 2023 update to version 12
- Adobe ColdFusion 2021 update to version 18
Generally, Cyber999 advise the users to be updated with the latest security announcements by the vendor and follow best practice security policies to determine which updates should be applied.
For further enquiries, please contact Cyber999 Incident Response Centre through the following channels:
E-mail: cyber999[at]cybersecurity.my
Phone: 1-300-88-2999 (monitored during business hours)
Mobile: +60 19 2665850 (24x7 call incident reporting)
Business Hours: Mon - Fri 08:30 -17:30 MYT
Web: https://www.mycert.org.my
5.0 References