Skip to main content

Adobe Monthly Security Update (October 2024)

Release Date: 9 Oct 2024 3850 Views

RISK: Medium Risk

TYPE: Clients - Productivity Products

TYPE: Productivity Products

Adobe has released monthly security update for their products:

 

Vulnerable ProductRisk LevelImpactsNotesDetails (including CVE)
Substance 3D PainterMedium Risk Medium RiskInformation Disclosure APSB24-52
Adobe CommerceMedium Risk Medium RiskElevation of Privilege
Security Restriction Bypass
Cross-site Scripting
Remote Code Execution
Information Disclosure
 APSB24-73
Adobe DimensionMedium Risk Medium RiskRemote Code Execution APSB24-74
Adobe AnimateMedium Risk Medium RiskRemote Code Execution
Information Disclosure
 APSB24-76
Adobe LightroomMedium Risk Medium RiskInformation Disclosure APSB24-78
Adobe InCopyMedium Risk Medium RiskRemote Code Execution APSB24-79
Adobe InDesignMedium Risk Medium RiskRemote Code Execution APSB24-80
Substance 3D StagerMedium Risk Medium RiskRemote Code Execution APSB24-81
Adobe FrameMakerMedium Risk Medium RiskRemote Code Execution APSB24-82

 

Number of 'Extremely High Risk' product(s): 0

Number of 'High Risk' product(s): 0

Number of 'Medium Risk' product(s): 9

Number of 'Low Risk' product(s): 0

Evaluation of overall 'Risk Level': Medium Risk


Impact

  • Remote Code Execution
  • Information Disclosure
  • Elevation of Privilege
  • Cross-Site Scripting
  • Security Restriction Bypass

System / Technologies affected

  • Adobe Substance 3D Painter 10.0.1 and earlier versions
  • Adobe Commerce 2.4.7-p2 and earlier versions
  • Adobe Commerce 2.4.6-p7 and earlier versions
  • Adobe Commerce 2.4.5-p9 and earlier versions
  • Adobe Commerce 2.4.4-p10 and earlier versions
  • Adobe Commerce B2B 1.4.2-p2 and earlier versions
  • Adobe Commerce B2B 1.3.5-p7 and earlier versions
  • Adobe Commerce B2B 1.3.4-p9 and earlier versions
  • Adobe Commerce B2B 1.3.3-p10 and earlier versions
  • Magento Open Source 2.4.7-p2 and earlier versions
  • Magento Open Source 2.4.6-p7 and earlier versions
  • Magento Open Source 2.4.5-p9 and earlier versions
  • Magento Open Source 2.4.4-p10 and earlier versions
  • Adobe Dimension 4.0.3 and earlier versions
  • Adobe Animate 2023 23.0.7 and earlier versions
  • Adobe Animate 2024 24.0.4 and earlier versions
  • Lightroom 7.4.1 and earlier versions
  • Lightroom Classic 13.5 and earlier versions
  • Lightroom Classic (LTS) 12.5.1 and earlier versions
  • Adobe InCopy  19.4 and earlier versions
  • Adobe InCopy  18.5.3 and earlier versions
  • Adobe InDesign ID19.4 and earlier versions
  • Adobe InDesign ID18.5.3 and earlier versions
  • Adobe Substance 3D Stager 3.0.3 and earlier versions
  • Adobe FrameMaker 2020 Release Update 6 and earlier versions
  • Adobe FrameMaker 2022 Release Update 4 and earlier versions

Solutions

Before installation of the software, please visit the vendor web-site for more details.

  • Apply fixes issued by the vendor. Please refer to 'Details' column in the above table for details of individual product update or run software update

Vulnerability Identifier


Source


Related Link