Important security updates have been released for various Adobe products. Attackers can, for example, attack FrameMaker Publishing Server. Adobe has secured the applications Acrobat Android, Audition, ColdFusion, Commerce, Creative Cloud, Experience Manager, FrameMaker Publishing Server, Magento, Media Encoder, Photoshop and Substance 3D Stager against potential attacks. At this point in time, there are no reports of ongoing attacks.

Critical security vulnerabilities

Two critical vulnerabilities (CVE-2024-30299, CVE-2024-30300) in FrameMaker Publishing Server are considered dangerous. Attackers can use an unspecified method to launch attacks at these points in order to gain higher user rights.

The online shop software Commerce and Magento Open Source are also threatened by critical vulnerabilities (CVE-2024-34111). Attackers can execute malicious code, gain higher privileges or bypass security functions. Admins can find a list of the repaired versions in the warning messages linked below.

High and medium security vulnerabilities

The vulnerabilities in the other applications are classified as high and medium. Information can be leaked here, but malicious code can also get onto systems. This usually affects the macOS and Windows versions. Further information on the security vulnerabilities, threatened versions and updates can be found in the following linked articles from Adobe below.

Acrobat Android Audition ColdFusion Commerce, Magento Creatice Cloud Desktip Application Experience Manager FrameMaker Publishing Server Media Encoder Photoshop Substance 3D Stage