The recent update from the Cybersecurity and Infrastructure Security Agency (CISA) has brought to light two critical vulnerabilities that have been actively exploited in the wild. These vulnerabilities, concerning Adobe ColdFusion and Oracle Agile Product Lifecycle Management (PLM), pose significant security risks to federal agencies and organizations globally.
The vulnerabilities in question, CVE-2017-3066 and CVE-2024-20953, are deserialization flaws: an attacker supplies untrusted serialized data which, when the application deserializes it, causes arbitrary code to run and can compromise the host. Deserialization vulnerabilities are particularly dangerous because they can lead to unauthorized access to, and control over, sensitive data.
Starting with CVE-2017-3066, this vulnerability affects Adobe ColdFusion through a Java deserialization flaw within the Apache BlazeDS library. Older versions of ColdFusion are especially susceptible, and remote attackers could exploit this vulnerability to execute arbitrary code on affected systems. Adobe has released security hotfixes to address this issue, urging users to upgrade to more secure versions of ColdFusion.
As for CVE-2024-20953, this vulnerability affects Oracle’s Agile PLM system and is exploitable over HTTP by a low-privileged attacker with network access. With a high CVSS score of 8.8, the severity of this vulnerability cannot be overstated, as it could result in a complete takeover of the Oracle Agile PLM system. Oracle has provided patches in its Critical Patch Update to address this vulnerability and emphasizes the importance of keeping systems updated.
Deserialization vulnerabilities, such as those in Adobe ColdFusion and Oracle Agile PLM, underscore the growing threat landscape facing organizations. These vulnerabilities allow attackers to inject malicious data that bypasses traditional security defenses, posing a critical threat to both private and governmental entities.
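The root cause shared by both CVEs is that the application resolves whatever class or callable the untrusted byte stream names. The standard mitigation is a deny-by-default allowlist enforced at deserialization time; in Java this is the ObjectInputFilter mechanism (JEP 290), and the example below shows the same control in Python's pickle, which stands in for the Java object streams on the page. This is an added illustration, not code from CISA, Adobe or Oracle; the allowlist, class names and sample inputs are constructed for the demonstration.

```python
"""Allowlist-based deserialization guard (added example).

Python's pickle stands in for Java object serialization: the hook
find_class() is where the untrusted stream asks the runtime to resolve a
class or function by name, so that is where a deny-by-default filter belongs.
"""
import datetime
import io
import pickle

# Constructed allowlist: only these (module, name) pairs may be resolved while
# unpickling. A stream naming anything else (os.system, subprocess.Popen, or
# simply a class we never expected) is refused before any object is built.
ALLOWED_GLOBALS = {
    ("builtins", "dict"),
    ("builtins", "list"),
    ("builtins", "set"),
}


class RestrictedUnpickler(pickle.Unpickler):
    """Unpickler that resolves global references only from ALLOWED_GLOBALS."""

    def find_class(self, module, name):
        if (module, name) in ALLOWED_GLOBALS:
            return super().find_class(module, name)
        # Refuse rather than import: the untrusted stream must not choose code.
        raise pickle.UnpicklingError(
            f"refusing to resolve {module}.{name}: not on the allowlist")


def safe_loads(data: bytes):
    """Hardened replacement for pickle.loads(data) on untrusted input."""
    return RestrictedUnpickler(io.BytesIO(data)).load()


def try_load(data: bytes):
    """Return ("ok", obj) for accepted streams, ("rejected", reason) otherwise."""
    try:
        return ("ok", safe_loads(data))
    except pickle.UnpicklingError as exc:
        return ("rejected", str(exc))


# Constructed sample inputs. BENIGN uses only container types; UNEXPECTED
# carries a datetime.date, whose pickle references the class by name and so
# plays the role of an attacker-chosen class that was never allowlisted.
BENIGN = pickle.dumps({"ticket": 42, "tags": ["plm", "patch"]})
UNEXPECTED = pickle.dumps(datetime.date(2024, 1, 16))

if __name__ == "__main__":
    print(try_load(BENIGN))      # ('ok', {'ticket': 42, 'tags': ['plm', 'patch']})
    print(try_load(UNEXPECTED))  # ('rejected', 'refusing to resolve datetime.date: ...')
```

The point to carry back to Java: a blocklist of known gadget classes is always one gadget behind, whereas an allowlist of the handful of types the application legitimately exchanges rejects everything else, including classes the defender has never heard of.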
To mitigate the risks posed by these vulnerabilities, organizations must prioritize security best practices, including applying security patches, monitoring network traffic, educating staff on safe practices, implementing strong access controls, and staying informed about the known exploited vulnerabilities cataloged by CISA. By following these strategies, organizations can strengthen their security posture and reduce the likelihood of exploitation and potential damage from cyberattacks targeting vulnerable systems such as ColdFusion and Agile PLM.
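"Staying informed about the catalog" is most useful when it is automated: the catalog is published as a JSON feed, and cross-referencing it against an asset inventory turns a headline into a list of hosts with a remediation deadline. The following added example (not CISA tooling) does that cross-check offline. The catalog excerpt is constructed in the shape of the public feed using the two CVEs from the article, but the due dates, asset names and the non-catalog CVE id are placeholders.

```python
"""Cross-check an asset inventory against a KEV catalog snapshot (added example).

The snapshot below is constructed: field names follow the public KEV JSON feed,
the two entries are the CVEs from the article, and the dates are placeholders.
"""
import json
from datetime import date

KEV_SNAPSHOT = json.dumps({
    "title": "CISA Catalog of Known Exploited Vulnerabilities (constructed excerpt)",
    "vulnerabilities": [
        {
            "cveID": "CVE-2017-3066",
            "vendorProject": "Adobe",
            "product": "ColdFusion",
            "requiredAction": "Apply mitigations per vendor instructions.",
            "dueDate": "2025-03-17",  # placeholder
        },
        {
            "cveID": "CVE-2024-20953",
            "vendorProject": "Oracle",
            "product": "Agile Product Lifecycle Management (PLM)",
            "requiredAction": "Apply mitigations per vendor instructions.",
            "dueDate": "2025-03-17",  # placeholder
        },
    ],
})

# Constructed inventory: each asset lists CVEs still open against it.
# "CVE-0000-0000" is a deliberately bogus id that is not in the catalog.
INVENTORY = [
    {"name": "cf-legacy-01", "open_cves": ["CVE-2017-3066"]},
    {"name": "plm-app-02", "open_cves": ["cve-2024-20953", "CVE-0000-0000"]},
    {"name": "web-03", "open_cves": []},
]


def load_kev_index(kev_json: str) -> dict:
    """Map cveID -> catalog entry so each inventory CVE is a single lookup."""
    catalog = json.loads(kev_json)
    return {entry["cveID"]: entry for entry in catalog["vulnerabilities"]}


def kev_exposure(inventory, kev_json: str, today_iso: str) -> list:
    """One finding per (asset, CVE) pair present in the catalog.

    Findings are flagged overdue when the catalog due date has passed and are
    sorted so overdue items, then the earliest deadlines, come first.
    """
    index = load_kev_index(kev_json)
    today = date.fromisoformat(today_iso)
    findings = []
    for asset in inventory:
        for cve in asset["open_cves"]:
            entry = index.get(cve.upper())  # tolerate lower-case ids from scanners
            if entry is None:
                continue  # open but not known-exploited: still patch, lower urgency
            due = date.fromisoformat(entry["dueDate"])
            findings.append({
                "asset": asset["name"],
                "cve": entry["cveID"],
                "vendor": entry["vendorProject"],
                "product": entry["product"],
                "due": entry["dueDate"],
                "overdue": today > due,
            })
    findings.sort(key=lambda f: (not f["overdue"], f["due"], f["asset"]))
    return findings


if __name__ == "__main__":
    for f in kev_exposure(INVENTORY, KEV_SNAPSHOT, "2025-04-01"):
        flag = "OVERDUE" if f["overdue"] else "due " + f["due"]
        print(f"{f['asset']:14} {f['cve']:15} {f['vendor']} {f['product']}  [{flag}]")
```

In practice the snapshot would be the downloaded feed and the inventory would come from a vulnerability scanner; the structure stays the same, and the "overdue" flag gives incident responders and patch owners a ready-made priority order.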