CVE-2022-24086 What is it?

16 Feb 2022
Albert Wood
Albert Wood
CVE-2022-24086 What is it?

A recently discovered critical security vulnerability is being actively exploited, tracked as CVE-2022-24086, is affecting websites using Adobe Commerce and Magento Open Source.

A recently found exploit allows attacks without authentication

The exploit works by improper input validation. The input validation is used to check potentially dangerous inputs to ensure that the inputs are safe for processing within the code, or when communicating with other components. 

When software does not validate input properly, an attacker is able to craft the input in a form not expected by the rest of the application. This leads to parts of the system receiving unintended input, which may result in altered control flow, arbitrary control of a resource, or arbitrary code execution.

On February 13, the tech giant said that the vulnerability impacts Adobe Commerce and Magento Open Source, and according to the firm’s threat data, the security flaw is being weaponized.

This vulnerability has been issued a CVSS severity score of 9.8 out of 10, the maximum severity rating possible.

Adobe released an emergency patch on Feb 13, which secures the affected Adobe Commerce and Magento Open Sources versions from this exploit.

Who is at Risk?

All Adobe Commerce and Magento Open Source 2.4.3 p1 and 2.3.7 p2 and earlier versions.

Do not hesitate to apply the security patch today.

ioVista offers expert Adobe Commerce and Open Source Magento Maintenance and Support by Magento Certified developers at reasonable rates with a quick response time. Contact us today to apply this patch.

Or click here to download the patch and apply it yourself.

Albert Wood
Albert Wood linkedin

Albert Wood is a technology futurist, sales stimuli, motivator, and E-commerce specialist at ioVista. As a data-driven and digital marketing evangelist, Albert’s passion is transforming struggling e-commerce businesses into sales-generating powerhouses through the right combination of UX and digital marketing strategies.

Get in Touch

    Start Your Free Website & Platform Assessment.

    Get in touch with us if you have a web development or digital marketing project that you would like to get underway!

    Platform Assessment