Threat Report 12/10/24
Multiple Vulnerabilities in Google Android OS Could Allow for Remote Code Execution Multiple vulnerabilities have been discovered in Google Android...
Multiple vulnerabilities have been discovered in Google Chrome, which could allow for remote code execution. Successful exploitation of these vulnerabilities could allow for remote code execution in the context of the logged-on user. Depending on the privileges associated with the user an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
Affected Systems:
Chrome versions prior to 124.0.6367.60/.61 for Windows and Mac
Chrome versions prior to 124.0.6367.60 for Linux
Risk
Remediation Recommendations
References
Multiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged-on user.
Affected Systems:
Adobe After Effects 24.1 and earlier versions on Windows and macOS.
Adobe After Effects 23.6.2 and earlier versions on Windows and macOS.
Adobe Photoshop 2023 24.7.2 and earlier versions on Windows and macOS.
Adobe Photoshop 2024 25.3.1 and earlier versions on Windows and macOS.
Adobe Commerce 2.4.7-beta3 and earlier versions.
Adobe Commerce 2.4.6-p4 and earlier versions.
Adobe Commerce 2.4.5-p6 and earlier versions.
Adobe Commerce 2.4.4-p7 and earlier versions.
Adobe Commerce 2.4.3-ext-6 and earlier versions.
Adobe Commerce 2.4.2-ext-6 and earlier versions.
Adobe Commerce 2.4.1-ext-6 and earlier versions.
Adobe Commerce 2.4.0-ext-6 and earlier versions.
Adobe Commerce 2.3.7-p4-ext-6 and earlier versions,
Adobe Commerce Magento Open Source 2.4.7-beta3 and earlier versions.
Adobe Commerce Magento Open Source 2.4.6-p4 and earlier versions.
Adobe Commerce Magento Open Source 2.4.5-p6 and earlier versions.
Adobe Commerce Magento Open Source 2.4.4-p7 and earlier versions.
Adobe InDesign ID18.5.1 and earlier versions for Windows and macOS.
Adobe InDesign ID19.2 and earlier versions for Windows and macOS.
Adobe Experience Manager (AEM) AEM Cloud Service (CS)
Adobe Experience Manager (AEM) 6.5.19 and earlier versions.
Adobe Media Encoder 24.2.1 and earlier versions for Windows and macOS.
Adobe Media Encoder 23.6.4 and earlier versions for Windows and macOS.
Adobe Bridge 13.0.6 and earlier versions for Windows and macOS.
Adobe Bridge 14.0.2 and earlier versions for Windows and macOS.
Adobe Illustrator 2024 28.3 and earlier versions for Windows and macOS.
Adobe Illustrator 2023 27.9.2 and earlier versions for Windows and macOS.
Adobe Animate 2023 23.0.4 and earlier versions for Windows and macOS.
Adobe Animate 2024 24.0.1 and earlier versions for Windows and macOS.
Risk
Remediation Recommendations
References
Multiple vulnerabilities have been discovered in Mozilla products, the most severe of which could allow for arbitrary code execution.
Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution. Depending on the privileges associated with the user an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
Affected Systems:
Risk
Remediation Recommendations
References
Multiple vulnerabilities have been discovered in Oracle products, the most severe of which could allow for remote code execution.
Affected Systems:
Risk
Remediation Recommendations
References
A vulnerability has been discovered in PAN-OS that could allow for arbitrary code execution. PAN-OS is the software that runs all Palo Alto Networks' next-generation firewalls. Successful exploitation of this vulnerability could allow for arbitrary code execution in the context of the root user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
Affected Systems:
Risk
Remediation Recommendations
References
Multiple Vulnerabilities in Google Android OS Could Allow for Remote Code Execution Multiple vulnerabilities have been discovered in Google Android...
Critical Patches Issued for Microsoft Products Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could...
Multiple Vulnerabilities in Microsoft Edge (Chromium-Based) Could Allow for Arbitrary Code Execution Multiple vulnerabilities have been discovered...