Adobe ColdFusion Deserialization of Untrusted Data Vulnerabilities
Exploited in the wild and actively targeted
FortiGuard Labs continues to see cyber-attacks attempting to exploit the ColdFusion vulnerability CVE-2023-26360, and has blocked multiple hundreds of attacks over the last weeks.
Common Vulnerabilities and Exposures
Background
Adobe ColdFusion is a commercial rapid web and mobile application development platform. Adobe ColdFusion is affected by Deserialization of Untrusted Data vulnerabilities (CVE-2023-26359, CVE-2023-26360) that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require any user interaction.
Threat Radar Overall Score: 4.4
CVSS Rating | 9.0
FortiRecon Score | 96/100
Known Exploited | Yes
Exploit Prediction Score | 96.4%
FortiGuard Telemetry | 7508
Latest Development
Recent news and incidents related to cybersecurity threats encompassing various events such as data breaches, cyber-attacks, security incidents, and vulnerabilities discovered.
March 14, 2023: Adobe released the advisory and confirmed exploitation. "Adobe is aware that CVE-2023-26360 has been exploited in the wild in very limited attacks targeting Adobe ColdFusion."
https://helpx.adobe.com/security/products/coldfusion/apsb23-25.html
March 15, 2023: FortiGuard Labs released Threat Signal (CVE-2023-26360)
https://www.fortiguard.com/threat-signal-report/5063
March 15, 2023: CISA added CVE-2023-26360 to its Known Exploited Vulnerabilities (KEV) catalog
Aug 21, 2023: CISA added CVE-2023-26359 to its Known Exploited Vulnerabilities (KEV) catalog
FortiGuard customers remain protected by the IPS signature added for CVE-2023-26360 back in April 2023. However, we continue to see targeted attempts to exploit the vulnerability. IPS devices blocked multiple hundreds of attacks over the last month. FortiGuard Labs is investigating IPS protection for CVE-2023-26359 and will update this report when new information is available.
FortiGuard Labs strongly advises reviewing the vendor advisory and applying the patches to Adobe ColdFusion if not already done.
https://coldfusion.adobe.com/2023/03/released-coldfusion-2021-and-2018-march-2023-security-updates/
FortiGuard Cybersecurity Framework
Mitigate security threats and vulnerabilities by leveraging the range of FortiGuard Services.
AV: Detects and blocks known malware targeting the Adobe ColdFusion vulnerabilities (CVE-2023-26360, CVE-2023-26359)
Vulnerability: Detects vulnerable instances of Adobe ColdFusion (CVE-2023-26359, CVE-2023-26360, CVE-2023-26361)
AV (Pre-filter): Detects and blocks known malware targeting the Adobe ColdFusion vulnerabilities (CVE-2023-26360, CVE-2023-26359)
IPS: Detects and blocks attack attempts targeting the Adobe ColdFusion vulnerability (CVE-2023-26360)
Web App Security: Detects and blocks attack attempts targeting the Adobe ColdFusion vulnerability (CVE-2023-26360)
Outbreak Detection
Threat Hunting
Content Update
Assisted Response Services: Experts to assist you with analysis, containment and response activities.
Automated Response: Services that can automatically respond to this outbreak.
NOC/SOC Training: Train your network and security professionals and optimize your incident response to stay on top of cyberattacks.
End-User Training: Raise security awareness among your employees, who are continuously being targeted by phishing, drive-by downloads and other forms of cyberattacks.
Attack Surface Hardening: Check Security Fabric devices to build actionable configuration recommendations and key indicators.
Business Reputation: Know attackers' next move to protect your business branding.
Threat Intelligence
Information gathered from analyzing ongoing cybersecurity events including threat actors, their tactics, techniques, and procedures (TTPs), indicators of compromise (IOCs), malware and related vulnerabilities.