Adobe patches Magento bugs that lead to code execution, customer list tampering
Adobe has released a set of out-of-band security fixes to resolve serious issues in the Magento platform.
Published on October 15, the security advisory is outside of the firm’s typical monthly patch cycle and resolves nine vulnerabilities, eight of which are considered either critical or important, as well as one moderate-severity flaw.
The vulnerabilities impact Magento Commerce and Magento Open Source, versions 2.3.5-p1, 2.4.0, and earlier.
Adobe Magento’s critical vulnerabilities, now resolved, are tracked as CVE-2020-24407 and CVE-2020-24400. The file upload allow list bypass and SQL injection bug can lead to the execution of arbitrary code or arbitrary read/write database access. However, neither security flaw is pre-auth and both require an attacker to have already obtained admin privileges.
In addition, the software giant has tackled a vulnerability that allows attackers to manipulate and modify customer lists, CVE-2020-24402.
A stored cross-site scripting (XSS) issue (CVE-2020-24408), a user session invalidation bug (CVE-2020-24401), a security flaw that allows Magento CMS pages to be modified without permission (CVE-2020-24404), and two restricted resource access bugs — CVE-2020-24405 and CVE-2020-24403 — have also been resolved.
The least dangerous bug, CVE-2020-24406, is the unintended disclosure of a document root path that could lead to sensitive information disclosure.
In Adobe’s standard monthly security update, the company patched a single, critical vulnerability in Flash for Windows, macOS, Linux, and Chrome OS. The vulnerability, CVE-2020-9746, is a null pointer dereference flaw that could be exploited to cause software crashes or arbitrary code execution.
Microsoft, too, releases security fixes for its software every four weeks. In October, 87 security issues were resolved, including 21 remote code execution vulnerabilities impacting products including Excel, Outlook, and the Windows TCP/IP stack.
Previous and related coverage
Have a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0