CVE-2022-24086 What is it?

16 Feb 2022

Albert Wood

A recently discovered critical security vulnerability is being actively exploited, tracked as CVE-2022-24086, is affecting websites using Adobe Commerce and Magento Open Source.

A recently found exploit allows attacks without authentication

The exploit works by improper input validation. The input validation is used to check potentially dangerous inputs to ensure that the inputs are safe for processing within the code, or when communicating with other components.

When software does not validate input properly, an attacker is able to craft the input in a form not expected by the rest of the application. This leads to parts of the system receiving unintended input, which may result in altered control flow, arbitrary control of a resource, or arbitrary code execution.

On February 13, the tech giant said that the vulnerability impacts Adobe Commerce and Magento Open Source, and according to the firm’s threat data, the security flaw is being weaponized.

This vulnerability has been issued a CVSS severity score of 9.8 out of 10, the maximum severity rating possible.

Adobe released an emergency patch on Feb 13, which secures the affected Adobe Commerce and Magento Open Sources versions from this exploit.

Who is at Risk?

All Adobe Commerce and Magento Open Source 2.4.3 p1 and 2.3.7 p2 and earlier versions.

Do not hesitate to apply the security patch today.

ioVista offers expert Adobe Commerce and Open Source Magento Maintenance and Support by Magento Certified developers at reasonable rates with a quick response time. Contact us today to apply this patch.

Or click here to download the patch and apply it yourself.

Albert Wood

Albert Wood is an accomplished eCommerce Business Analyst. As a technology futurist and sales motivator at ioVista, Albert is dedicated to transforming struggling eCommerce businesses into thriving enterprises. With a keen focus on client’s business processes, user experience (UX), and leveraging the power of digital marketing, he helps businesses optimize their online presence and drive sustainable growth. Albert’s passion is for virtual reality (VR), augmented reality (AR), and mixed reality (MR), immersing himself in unforgettable experiences and exploring the limitless possibilities they offer. His enthusiasm for these emerging technologies fuels his drive to push the boundaries of innovation in eCommerce.

CVE-2022-24086 What is it?

Who is at Risk?

Get in Touch

Popular Posts

Start Your Free Website & Platform Assessment.