Security Affairs
Attacker Used AI to Build Custom PowerShell Recon Malware|Malware Hits Japan’s Largest Taxi Company Nihon Kotsu, Services Temporarily Suspended|CrashStealer: New macOS Infostealer Uses Signed Apps to Evade Gatekeeper|Lidl Notified Online Shop Customers in Germany, Belgium, and the Netherlands of a Data Breach|U.S. CISA adds a Cisco IOS flaw to its Known Exploited Vulnerabilities catalog|EU Targets FSB-Linked Hackers in New Sanctions Over Cyber Sabotage|Dutch Nationals Suspected in Odido Hack That Exposed Six Million Customers|Australia Alerts Organizations to Ongoing CMS Exploitation Attacks|Ryuk Ransomware Member Pleads Guilty Over Attacks on U.S. Organizations|Progress Told ShareFile Customers to Pull the Plug on Their Servers. Here’s What We Know.|SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 105|Security Affairs newsletter Round 585 by Pierluigi Paganini – INTERNATIONAL EDITION|Attacker Used AI to Build Custom PowerShell Recon Malware|Malware Hits Japan’s Largest Taxi Company Nihon Kotsu, Services Temporarily Suspended|CrashStealer: New macOS Infostealer Uses Signed Apps to Evade Gatekeeper|Lidl Notified Online Shop Customers in Germany, Belgium, and the Netherlands of a Data Breach|U.S. CISA adds a Cisco IOS flaw to its Known Exploited Vulnerabilities catalog|EU Targets FSB-Linked Hackers in New Sanctions Over Cyber Sabotage|Dutch Nationals Suspected in Odido Hack That Exposed Six Million Customers|Australia Alerts Organizations to Ongoing CMS Exploitation Attacks|Ryuk Ransomware Member Pleads Guilty Over Attacks on U.S. Organizations|Progress Told ShareFile Customers to Pull the Plug on Their Servers. Here’s What We Know.|SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 105|Security Affairs newsletter Round 585 by Pierluigi Paganini – INTERNATIONAL EDITION|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Researchers created a PoC exploit for recently disclosed critical Magento CVE-2022-24086 bug

Researchers developed an exploit code for CVE-2022-24086 vulnerability affecting Adobe Commerce and Magento Open Source. Positive Technologies researchers have created a working PoC exploit for the recently patched CVE-2022-24086 vulnerability affecting its Commerce and Magento Open Source products. An attacker could use the exploit to achieve remote code execution from an unauthenticated user. This week, Adobe rolled […]

magento polyshell

Researchers developed an exploit code for CVE-2022-24086 vulnerability affecting Adobe Commerce and Magento Open Source.

Positive Technologies researchers have created a working PoC exploit for the recently patched CVE-2022-24086 vulnerability affecting its Commerce and Magento Open Source products.

An attacker could use the exploit to achieve remote code execution from an unauthenticated user.

This week, Adobe rolled out security updates to address the critical CVE-2022-24086 flaw that impacts Commerce and Magento Open Source products, the company added that the flaw is being actively exploited in the wild.

“Adobe is aware that CVE-2022-24086 has been exploited in the wild in very limited attacks targeting Adobe Commerce merchants.” reads the advisory published by Adobe.

The issue is an “improper input validation” vulnerability that could be exploited by threat actors with administrative privileges to achieve arbitrary code execution on vulnerable systems.

The CVE-2022-24086 has received a CVSS score of 9.8 out of 10, it is classified as a pre-authentication issue which means that it could be exploited without credentials.   

Experts believe that threat actors could create their own version of the CVE-2022-24086 exploit to conduct attacks in the wild, especially persistent and well-resourced attackers.

The flaw could be exploited to compromise e-stores using a vulnerable version of Magento.

The good news is that the researchers will not publicly release their PoC exploit code.

This week, US Cybersecurity and Infrastructure Security Agency (CISA) added nine new vulnerabilities to its Known Exploited Vulnerabilities Catalog, including the CVE-2022-24086 flaw. CISA orders all Federal Civilian Executive Branch Agencies (FCEB) agencies to address it by March 1st, 2022.

Adobe has also updated the security advisory for this flaw by adding a new Improper Input Validation flaw tracked as CVE-2022-24087 (CVSS score 9.8).

The CVE-2022-24087 flaw was reported by researchers Eboda and Blaklis.

Blaklis warns that admins that have patched with the first patch are not secure even after applying the new updates.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Magento)

[adrotate banner=”5″]

[adrotate banner=”13″]