AdvisoriesCISAAA23-339ADecember 5, 2023
December 5, 2023
The Cybersecurity and Infrastructure Security Agency (CISA) issued a Cybersecurity Advisory (CSA) regarding the exploitation of CVE-2023-26360 in Adobe ColdFusion by unidentified threat actors at a Federal Civilian Executive Branch (FCEB) agency. This vulnerability, affecting several versions of Adobe ColdFusion, led to improper access control and allowed attackers to execute arbitrary code. The agency confirmed the compromise of two public-facing servers between June and July 2023, resulting in reconnaissance efforts by the attackers but no confirmed data exfiltration or lateral movement. The CSA includes tactics, techniques, procedures, and indicators of compromise to help network defenders guard against similar threats.
December 6, 2023
The ease of exploitation involved with this vulnerability - a simple request to a specific vulnerable endpoint - underscores the importance of automatic patching. Upgrading software is a manual and time-consuming process for many organizations, especially larger ones. Each upgrade carries a certain amount of risk, as the change set may be incompatible with other critical applications on the system. However, it is possible to establish a process of safe automated patching - and setting one up should be a top priority.
Be immediately notified of new advisories and associated security tests
