A recently discovered critical security vulnerability is being actively exploited, tracked as CVE-2022-24086, is affecting websites using Adobe Commerce and Magento Open Source.
A recently found exploit allows attacks without authentication
The exploit works by improper input validation. The input validation is used to check potentially dangerous inputs to ensure that the inputs are safe for processing within the code, or when communicating with other components.
When software does not validate input properly, an attacker is able to craft the input in a form not expected by the rest of the application. This leads to parts of the system receiving unintended input, which may result in altered control flow, arbitrary control of a resource, or arbitrary code execution.
On February 13, the tech giant said that the vulnerability impacts Adobe Commerce and Magento Open Source, and according to the firm’s threat data, the security flaw is being weaponized.
This vulnerability has been issued a CVSS severity score of 9.8 out of 10, the maximum severity rating possible.
Adobe released an emergency patch on Feb 13, which secures the affected Adobe Commerce and Magento Open Sources versions from this exploit.
All Adobe Commerce and Magento Open Source 2.4.3 p1 and 2.3.7 p2 and earlier versions.
Do not hesitate to apply the security patch today.
ioVista offers expert Adobe Commerce and Open Source Magento Maintenance and Support by Magento Certified developers at reasonable rates with a quick response time. Contact us today to apply this patch.
Or click here to download the patch and apply it yourself.
Albert Wood is a technology futurist, sales stimuli, motivator, and E-commerce specialist at ioVista. As a data-driven and digital marketing evangelist, Albert’s passion is transforming struggling e-commerce businesses into sales-generating powerhouses through the right combination of UX and digital marketing strategies.
Albert Wood
01 Feb 2023Albert Wood
12 Jan 2023Albert Wood
20 Dec 2022Albert Wood
15 Dec 2022Albert Wood
09 Dec 2022Albert Wood
07 Dec 2022Albert Wood
24 Nov 2022Albert Wood
17 Nov 2022Albert Wood
17 Nov 2022Albert Wood
27 Oct 2022Albert Wood
07 Oct 2022Albert Wood
27 Sep 2022Albert Wood
15 Sep 2022Albert Wood
10 Sep 2022Albert Wood
23 Aug 2022Albert Wood
17 Aug 2022Albert Wood
10 Aug 2022Albert Wood
01 Jul 2022Albert Wood
14 Jun 2022Albert Wood
11 May 2022Albert Wood
03 May 2022Albert Wood
29 Apr 2022Albert Wood
27 Apr 2022Albert Wood
21 Apr 2022Albert Wood
13 Apr 2022Albert Wood
01 Apr 2022Albert Wood
29 Mar 2022Albert Wood
01 Mar 2022Albert Wood
24 Feb 2022Albert Wood
15 Feb 2022Albert Wood
11 Feb 2022Albert Wood
04 Feb 2022Albert Wood
27 Jan 2022Albert Wood
13 Jan 2022Albert Wood
10 Jan 2022Albert Wood
17 Dec 2021Albert Wood
13 Dec 2021Albert Wood
30 Nov 2021Albert Wood
26 Oct 2021Albert Wood
20 Oct 2021Albert Wood
05 Oct 2021Albert Wood
30 Sep 2021Albert Wood
21 Sep 2021Albert Wood
17 Sep 2021Albert Wood
08 Sep 2021Albert Wood
11 Aug 2021Albert Wood
05 Aug 2021Albert Wood
16 Jun 2021Albert Wood
03 Jun 2021Albert Wood
06 May 2021Albert Wood
04 May 2021Albert Wood
18 Feb 2021Albert Wood
15 Feb 2021Albert Wood
28 Jan 2021Albert Wood
11 Nov 2020Albert Wood
13 Oct 2020Albert Wood
24 Sep 2020Albert Wood
21 Sep 2020Albert Wood
08 Sep 2020Albert Wood
18 Aug 2020Albert Wood
13 Aug 2020Albert Wood
01 Aug 2020Albert Wood
29 Jul 2020Albert Wood
21 Jul 2020Albert Wood
09 Jul 2020Albert Wood
29 Jun 2020Albert Wood
11 Jun 2020Albert Wood
21 May 2020Albert Wood
24 Apr 2020Albert Wood
14 Apr 2020Albert Wood
10 Apr 2020Albert Wood
26 Mar 2020Albert Wood
24 Mar 2020Get in touch with us if you have a web development or digital marketing project that you would like to get underway!
TOP
Get in Touch