Adobe on Tuesday announced patches for over 35 vulnerabilities in its products, including a critical-severity bug in the Adobe Connect collaboration suite.
The critical flaw, tracked as CVE-2025-49553 (CVSS score of 9.3), is described as a cross-site scripting (XSS) issue that could be exploited to execute arbitrary code.
Fixes for the security defect were included in Adobe Connect version 12.10, which has been rolled out to Windows and macOS systems along with patches for two other flaws, including a high-severity XSS bug leading to code execution.
The company patched another high-severity XSS issue in Commerce and Magento Open Source, warning it could lead to privilege escalation. The updates also resolve a high-severity security bypass, along with three medium-severity defects leading to code execution, privilege escalation, and protection bypass.
High-severity vulnerabilities that could lead to arbitrary code execution, all with a CVSS score of 7.8, were addressed with security updates for Substance 3D Stager, Dimension, Illustrator, FrameMaker, Substance 3D Modeler, Substance 3D Viewer, Animate, and Bridge.
Although these issues have CVSS scores that place them in the ‘high severity’ category, Adobe lists them in its advisories as ‘critical’.
Adobe’s updates for Experience Manager Screens, Animate, Substance 3D Viewer, Bridge, and Creative Cloud Desktop Application resolve a total of eight medium-severity security holes.
Adobe lists most of these security updates with a priority rating of ‘3’, meaning that it does not expect the patched bugs to be targeted in attacks. It raises the priority rating of the Commerce and Magento Open Source update to ‘2’, as these are products that have historically been at elevated risk.
The company says it is not aware of any of these issues being exploited in the wild, but users should apply the available patches as soon as possible. Additional information can be found on Adobe’s PSIRT page.

