Adobe Patches Critical Vulnerability in Connect Collaboration Suite

Posted on By CWS

Adobe on Tuesday introduced patches for over 35 vulnerabilities in its merchandise, together with a critical-severity bug within the Adobe Join collaboration suite.

The crucial flaw, tracked as CVE-2025-49553 (CVSS rating of 9.3), is described as a cross-site scripting (XSS) problem that may very well be exploited to execute arbitrary code.

Fixes for the safety defect had been included in Adobe Join model 12.10 which has been rolled out to Home windows and macOS programs with patches for 2 different flaws, together with a high-severity XSS bug resulting in code execution.

The corporate patched one other high-severity XSS problem in Commerce and Magento Open Supply, warning it might result in privilege escalation. The updates additionally resolve a high-severity safety bypass, together with three medium-severity defects resulting in code execution, privilege escalation, and safety bypass.

Excessive-severity vulnerabilities that might result in arbitrary code execution, all with a CVSS rating of seven.8, had been addressed with safety updates for Substance 3D Stager, Dimension, Illustrator, FrameMaker, Substance 3D Modeler, Substance 3D Viewer, Animate, and Bridge.

Though these points have CVSS scores that place them within the ‘excessive severity’ class, Adobe lists them in its advisories as ‘crucial’.

Adobe’s updates for Expertise Supervisor Screens, Animate, Substance 3D Viewer, Bridge, and Artistic Cloud Desktop Software resolve a complete of eight medium-severity safety holes.

Adobe lists most of those safety updates with a precedence ranking of ‘3’, that means that it doesn’t anticipate the patched bugs to be focused in assaults, however will increase the precedence ranking of the Commerce and Magento Open Supply replace to ‘2’, as these are merchandise which have traditionally been at elevated threat.Commercial. Scroll to proceed studying.

The corporate says it isn’t conscious of any of those points being exploited within the wild, however customers ought to apply the out there patches as quickly as doable. Further data may be discovered on Adobe’s PSIRT web page.

Associated: Adobe Patches Important ColdFusion and Commerce Vulnerabilities

Associated: Adobe Patches Over 60 Vulnerabilities Throughout 13 Merchandise

Associated: Adobe Points Out-of-Band Patches for AEM Types Vulnerabilities With Public PoC

Associated: Adobe Patches Important Code Execution Bugs

Security Week News Tags:, , , , , ,

Related Posts

Bipartisan Bill Aims to Block Chinese AI From Federal Agencies Security Week News
Cyata Emerges From Stealth With $8.5 Million in Funding Security Week News
GlassWorm Malware Returns to Open VSX, Emerges on GitHub Security Week News
ShadowV2 DDoS Service Lets Customers Self-Manage Attacks Security Week News
Webinar Today: Why Context is a Secret Weapon in Application Security Posture Management Security Week News
Scalekit Raises $5.5 Million to Secure AI Agent Authentication Security Week News