Passa ai contenuti principali

Cerca nel blog

alerts.gdaverio.it

alerts.gdaverio.it

Alert GCSA-24040 - Adobe Security Bulletin - Marzo 2024

Ottieni link
Facebook
Twitter
Pinterest
Email
Altre app

******************************************************************

Alert ID: GCSA-24040
Data: 13 Marzo 2024
Titolo: Adobe Security Bulletin - Marzo 2024

******************************************************************

:: Descrizione del problema

Adobe ha rilasciato i seguenti aggiornamenti di sicurezza:

APSB24-05 Security update available for Adobe Experience Manager
APSB24-12 Security update available for Adobe Premiere Pro
APSB24-14 Security update available for Adobe ColdFusion
APSB24-15 Security update available for Adobe Bridge
APSB24-17 Security update available for Adobe Lightroom
APSB24-19 Security update available for Adobe Animate

Maggiori informazioni sono disponibili alla sezione "Riferimenti".

:: Software interessato

Adobe Experience Manager versione 6.5.19.0 e precedenti
Adobe Premiere Pro versione 23.6.2 e precedenti
Adobe Premiere Pro versione 24.1 e precedenti
Adobe ColdFusion 2021 update 12 e precedenti
Adobe ColdFusion 2023 update 6 e precedenti
Adobe Bridge versione 13.0.5 e precedenti
Adobe Bridge versione 14.0.1 e precedenti
Adobe Lightroom versione 7.1.2 e precedenti
Adobe Animate 2023 versione 23.0.3 e precedenti
Adobe Animate 2024 versione 24.0 e precedenti

NOTA: Per le versioni del software installate in Cloud Service presso Adobe,
riceveranno aggiornamenti automatici dal produttore

:: Impatto

Esecuzione remota di codice arbitrario (RCE)
Accesso a dati riservati (ID)
Bypass delle restrizioni di sicurezza (SRB)

:: Soluzioni

Aggiornare i software alle ultime versioni:

Adobe Experience Manager (AEM) 6.5.20.0
Adobe Premiere Pro 24.2.1
Adobe Premiere Pro 23.6.4
ColdFusion 2023 Update 7
ColdFusion 2021 Update 13
Adobe Bridge 13.0.6
Adobe Bridge 14.0.2
Lightroom 7.2
Adobe Animate 2023 23.0.4
Adobe Animate 2024 24.0.1

:: Riferimenti

Adobe Security Bulletins e Advisories
https://helpx.adobe.com/security/security-bulletin.html
https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html
https://helpx.adobe.com/security/products/premiere_pro/apsb24-12.html
https://helpx.adobe.com/security/products/coldfusion/apsb24-14.html
https://helpx.adobe.com/security/products/bridge/apsb24-15.html
https://helpx.adobe.com/security/products/lightroom/apsb24-17.html
https://helpx.adobe.com/security/products/animate/apsb24-19.html

CISA
https://www.cisa.gov/news-events/alerts/2024/03/12/adobe-releases-security-updates-multiple-products

CIS - Center for Internet Security
https://www.cisecurity.org/advisory/multiple-vulnerabilities-in-adobe-products-could-allow-for-arbitrary-code-execution_2024-028

Mitre CVE
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20745
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20746
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20752
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20754
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20755
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20756
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20757
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20760
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20761
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20762
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20763
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20764
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20767
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20768
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26028
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26030
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26031
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26032
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26033
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26034
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26035
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26038
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26040
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26041
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26042
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26043
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26044
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26045
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26048
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26050
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26051
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26052
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26056
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26059
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26061
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26062
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26064
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26065
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26067
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26069
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26073
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26080
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26094
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26096
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26102
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26103
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26104
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26105
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26106
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26107
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26118
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26120
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26124
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26125

GARR CERT Security Alert - subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert

-----BEGIN PGP SIGNATURE-----

iF0EAREIAB0WIQTGpdiR5MqstacBGHbBnEyTZRJgQgUCZfF6dgAKCRDBnEyTZRJg
QinlAJ9KuSOQnmKJskSy+g1bZB6qq1PbPACfaiTHo4gNbjnxQ5Ov9nXHvCwaHek=
=B4nm
-----END PGP SIGNATURE-----

adobe

Ottieni link
Facebook
Twitter
Pinterest
Email
Altre app

Gianandrea Daverio
Cyber Security Professional

HOME PAGE
ABOUT MYSELF
CYBERSECURITY
GARAGE STUFFS
PRESS ROOM
BLOG
CONTACT

© Copyright 2023 | All rights reserved | Gianandrea Daverio | Privacy

LAST MONTH VISITORS

Powered by Blogger

ABOUT MYSELF

ARCHIVIO BLOG

.

mag 202411
apr 202411
mar 202419
feb 202417
gen 202415
dic 202312
nov 20239
ott 202319
set 202316
ago 202317

Mostra di più Mostra di meno

COVERED TOPICS

.

chrome
microsoft
mozilla
apple
microsoft edge
adobe
gitlab
apache
oracle
drupal

moodle
bind
fortinet
openssl
joomla
magento
qnap
wordpress
samba
microsoft 365
atlassian
cisco
zoom
exim
anydesk
docker
kubernetes
openssh
owncloud
paloalto
php
sonicwall
vmware

Mostra di più Mostra di meno