Adobe Monthly Security Update (June 2024)

Last Update Date: 18 Jul 2024 Release Date: 12 Jun 2024 5830 Views

RISK: High Risk

High Risk

TYPE: Clients - Productivity Products

TYPE: Productivity Products

Adobe has released monthly security update for their products:

 

Vulnerable ProductRisk LevelImpactsNotesDetails (including CVE)
Adobe PhotoshopMedium Risk Medium RiskRemote Code Execution APSB24-27
Adobe Experience ManagerMedium Risk Medium Risk

Remote Code Execution
Security Restriction Bypass

Cross-site Scripting

 APSB24-28
Adobe AuditionMedium Risk Medium RiskDenial of Service
Information Disclosure		 APSB24-32
Adobe Media EncoderMedium Risk Medium Risk

Information Disclosure

 APSB24-34
Adobe FrameMaker Publishing ServerMedium Risk Medium Risk

Information Disclosure

Elevation of Privilege

 APSB24-38
Adobe CommerceHigh RiskHigh Risk

Remote Code Execution

Elevation of Privilege
Security Restriction Bypass

Cross-site Scripting

 APSB24-40
Adobe ColdFusionMedium Risk Medium Risk

Security Restriction Bypass

 APSB24-41
Adobe Substance 3D StagerMedium Risk Medium RiskRemote Code Execution APSB24-43
Adobe Creative Cloud DesktopMedium Risk Medium RiskRemote Code Execution APSB24-44
Adobe Acrobat AndroidMedium Risk Medium RiskSecurity Restriction Bypass APSB24-50

 

Number of 'Extremely High Risk' product(s): 0

Number of 'High Risk' product(s): 1

Number of 'Medium Risk' product(s): 10

Number of 'Low Risk' product(s): 0

Evaluation of overall 'Risk Level': High Risk

 

Note:

Adobe is aware that CVE-2024-34102 has been exploited in the wild in limited attacks targeting Adobe Commerce merchants.

 

[Updated on 2024-07-18]

Updated description and risk level.

Impact

  • Remote Code Execution
  • Denial of Service
  • Security Restriction Bypass
  • Elevation of Privilege
  • Information Disclosure
  • Cross-Site Scripting

System / Technologies affected

  • Adobe Photoshop 2023 24.7.3 and earlier versions    
  • Adobe Photoshop 2024 25.7 and earlier versions
  • Adobe Experience Manager (AEM) AEM Cloud Service (CS)
  • Adobe Experience Manager (AEM) 6.5.20 and earlier versions
  • Adobe Audition 24.2 and earlier versions
  • Adobe Audition 23.6.4 and earlier versions     
  • Adobe Media Encoder 24.3 and earlier versions
  • Adobe Media Encoder 23.6.5 and earlier versions
  • Adobe FrameMaker Publishing Server Version 2022.2 and earlier versions
  • Adobe FrameMaker Publishing Server Version 2020 Update 3 and earlier versions
  • Adobe Commerce  2.4.7 and earlier versions
  • Adobe Commerce 2.4.6-p5 and earlier versions
  • Adobe Commerce 2.4.5-p7 and earlier versions
  • Adobe Commerce 2.4.4-p8 and earlier versions
  • Adobe Commerce 2.4.3-ext-7 and earlier versions
  • Adobe Commerce 2.4.2-ext-7 and earlier versions
  • Adobe Commerce 2.4.1-ext-7 and earlier versions
  • Adobe Commerce 2.4.0-ext-7 and earlier versions
  • Adobe Commerce 2.3.7-p4-ext-7 and earlier versions
  • Magento Open Source 2.4.7 and earlier versions
  • Magento Open Source 2.4.6-p5 and earlier versions
  • Magento Open Source 2.4.5-p7 and earlier versions
  • Magento Open Source 2.4.4-p8 and earlier versions
  • Adobe Commerce Webhooks Plugin 1.2.0 to 1.4.0
  • Adobe ColdFusion 2023 Update 7 and earlier versions
  • Adobe ColdFusion 2021 Update 13 and earlier versions
  • Adobe Substance 3D Stager 2.1.4 and earlier versions 
  • Adobe Creative Cloud Desktop Application 6.1.0.587 and earlier version
  • Adobe Acrobat Android 24.4.2.33155 and earlier versions

Solutions

Before installation of the software, please visit the vendor web-site for more details.

  • Apply fixes issued by the vendor. Please refer to 'Details' column in the above table for details of individual product update or run software update

Vulnerability Identifier

Source

Related Link

Related Tags

AdobeRemote Code ExecutionDenial of ServiceSecurity Restriction BypassElevation of PrivilegeInformation DisclosureCross Site ScriptingExploit In The Wild

Share with

Previous

VMWare Products Information Disclosure Vulnerability

1 Apr 2022 5435 Views

Next

Cisco Products Multiple Vulnerabilities

18 Jul 2024 3848 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY