December 5, 2023

Threat Actors Exploit Adobe ColdFusion CVE-2023-26360 for Initial Access to Government Servers

December 5, 2023

What we know so far

The Cybersecurity and Infrastructure Security Agency (CISA) issued a Cybersecurity Advisory (CSA) regarding the exploitation of CVE-2023-26360 in Adobe ColdFusion by unidentified threat actors at a Federal Civilian Executive Branch (FCEB) agency. This vulnerability, affecting several versions of Adobe ColdFusion, led to improper access control and allowed attackers to execute arbitrary code. The agency confirmed the compromise of two public-facing servers between June and July 2023, resulting in reconnaissance efforts by the attackers but no confirmed data exfiltration or lateral movement. The CSA includes tactics, techniques, procedures, and indicators of compromise to help network defenders guard against similar threats.

Arrow Right

Schedule a test

Subscribe to advisory alerts

Be immediately notified of new advisories and associated security tests

More advisories