Adobe Patches Critical Vulnerability in Connect Collaboration Suite

Posted on By CWS

Adobe on Tuesday introduced patches for over 35 vulnerabilities in its merchandise, together with a critical-severity bug within the Adobe Join collaboration suite.

The crucial flaw, tracked as CVE-2025-49553 (CVSS rating of 9.3), is described as a cross-site scripting (XSS) problem that may very well be exploited to execute arbitrary code.

Fixes for the safety defect had been included in Adobe Join model 12.10 which has been rolled out to Home windows and macOS programs with patches for 2 different flaws, together with a high-severity XSS bug resulting in code execution.

The corporate patched one other high-severity XSS problem in Commerce and Magento Open Supply, warning it might result in privilege escalation. The updates additionally resolve a high-severity safety bypass, together with three medium-severity defects resulting in code execution, privilege escalation, and safety bypass.

Excessive-severity vulnerabilities that might result in arbitrary code execution, all with a CVSS rating of seven.8, had been addressed with safety updates for Substance 3D Stager, Dimension, Illustrator, FrameMaker, Substance 3D Modeler, Substance 3D Viewer, Animate, and Bridge.

Though these points have CVSS scores that place them within the ‘excessive severity’ class, Adobe lists them in its advisories as ‘crucial’.

Adobe’s updates for Expertise Supervisor Screens, Animate, Substance 3D Viewer, Bridge, and Artistic Cloud Desktop Software resolve a complete of eight medium-severity safety holes.

Adobe lists most of those safety updates with a precedence ranking of ‘3’, that means that it doesn’t anticipate the patched bugs to be focused in assaults, however will increase the precedence ranking of the Commerce and Magento Open Supply replace to ‘2’, as these are merchandise which have traditionally been at elevated threat.Commercial. Scroll to proceed studying.

The corporate says it isn’t conscious of any of those points being exploited within the wild, however customers ought to apply the out there patches as quickly as doable. Further data may be discovered on Adobe’s PSIRT web page.

Associated: Adobe Patches Important ColdFusion and Commerce Vulnerabilities

Associated: Adobe Patches Over 60 Vulnerabilities Throughout 13 Merchandise

Associated: Adobe Points Out-of-Band Patches for AEM Types Vulnerabilities With Public PoC

Associated: Adobe Patches Important Code Execution Bugs

Security Week News Tags:, , , , , ,

Related Posts

Europol Announces More DDoS Service Takedowns, Arrests Security Week News
US Sanctions Myanmar Militia Involved in Cyber Scams  Security Week News
Hackers Access Legacy Systems in Oxford City Council Cyberattack Security Week News
Beer Giant Asahi Says Data Stolen in Ransomware Attack Security Week News
Nevada Confirms Ransomware Attack Behind Statewide Service Disruptions Security Week News
Thousands of Citrix NetScaler Instances Unpatched Against Exploited Vulnerabilities Security Week News