Adobe Patches Critical Vulnerability in Connect Collaboration Suite

Posted on By CWS

Adobe on Tuesday introduced patches for over 35 vulnerabilities in its merchandise, together with a critical-severity bug within the Adobe Join collaboration suite.

The crucial flaw, tracked as CVE-2025-49553 (CVSS rating of 9.3), is described as a cross-site scripting (XSS) problem that may very well be exploited to execute arbitrary code.

Fixes for the safety defect had been included in Adobe Join model 12.10 which has been rolled out to Home windows and macOS programs with patches for 2 different flaws, together with a high-severity XSS bug resulting in code execution.

The corporate patched one other high-severity XSS problem in Commerce and Magento Open Supply, warning it might result in privilege escalation. The updates additionally resolve a high-severity safety bypass, together with three medium-severity defects resulting in code execution, privilege escalation, and safety bypass.

Excessive-severity vulnerabilities that might result in arbitrary code execution, all with a CVSS rating of seven.8, had been addressed with safety updates for Substance 3D Stager, Dimension, Illustrator, FrameMaker, Substance 3D Modeler, Substance 3D Viewer, Animate, and Bridge.

Though these points have CVSS scores that place them within the ‘excessive severity’ class, Adobe lists them in its advisories as ‘crucial’.

Adobe’s updates for Expertise Supervisor Screens, Animate, Substance 3D Viewer, Bridge, and Artistic Cloud Desktop Software resolve a complete of eight medium-severity safety holes.

Adobe lists most of those safety updates with a precedence ranking of ‘3’, that means that it doesn’t anticipate the patched bugs to be focused in assaults, however will increase the precedence ranking of the Commerce and Magento Open Supply replace to ‘2’, as these are merchandise which have traditionally been at elevated threat.Commercial. Scroll to proceed studying.

The corporate says it isn’t conscious of any of those points being exploited within the wild, however customers ought to apply the out there patches as quickly as doable. Further data may be discovered on Adobe’s PSIRT web page.

Associated: Adobe Patches Important ColdFusion and Commerce Vulnerabilities

Associated: Adobe Patches Over 60 Vulnerabilities Throughout 13 Merchandise

Associated: Adobe Points Out-of-Band Patches for AEM Types Vulnerabilities With Public PoC

Associated: Adobe Patches Important Code Execution Bugs

Security Week News Tags:, , , , , ,

Related Posts

From 60 to 4,000: NATO’s Locked Shields Reflects Cyber Defense Growth Security Week News
Evidence Suggests Exploitation of CitrixBleed 2 Vulnerability Security Week News
Cybersecurity M&A Roundup: 27 Deals Announced in August 2025 Security Week News
California Gov. Gavin Newsom Signs Bill Creating AI Safety Measures Security Week News
US Targets North Korea’s Illicit Funds: $15M Rewards Offered as American Woman Jailed in IT Worker Scam Security Week News
Scattered Spider Activity Drops Following Arrests, but Others Adopting Group’s Tactics Security Week News