Two Actively Exploited Security Flaws in Adobe and Oracle Products Flagged by CISA - Related to after, products, authentication, breach, adobe
CISA tags Windows, Cisco vulnerabilities as actively exploited
CISA has warned US federal agencies to secure their systems against attacks exploiting vulnerabilities in Cisco and Windows systems.
While the cybersecurity agency has tagged these flaws as actively exploited in the wild, it has yet to provide specific details regarding this malicious activity and who is behind it.
The first flaw (tracked as CVE-2023-20118) enables attackers to execute arbitrary commands on RV016, RV042, RV042G. RV082, RV320, and RV325 VPN routers. While it requires valid administrative credentials, this can still be achieved by chaining the CVE-2023-20025 authentication bypass, which provides root privileges.
Cisco says in an advisory (PSIRT) is aware of CVE-2023-20025 publicly available proof-of-concept exploit code.
In relation to this, the second security bug (CVE-2018-8639) is a Win32k elevation of privilege flaw that local attackers logged into the target system can exploit to run arbitrary code in kernel mode. Successful exploitation also allows them to alter data or create rogue accounts with full user rights to take over vulnerable Windows devices.
, this vulnerability impacts client (Windows 7 or later) and server (Windows Server 2008 and. Up) platforms.
Today, CISA added the two vulnerabilities to its Known Exploited Vulnerabilities catalog, which lists security bugs the agency has tagged as exploited in attacks. As mandated by the Binding Operational Directive (BOD) 22-01 issued in November 2021, Federal Civilian Executive Branch (FCEB) agencies now have three weeks, until March 23, to secure their networks against ongoing exploitation.
"These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise," CISA stated today.
Microsoft and Cisco have not yet updated their security advisories after CISA tagged the two vulnerabilities as actively exploited in attacks.
In early February, CISA also revealed that a critical Microsoft Outlook remote code execution (RCE) vulnerability (CVE-2024-21413) is now being exploited in ongoing attacks and ordered federal agencies to patch their systems by February 27.
The 's Information Commissioner's Office (ICO) has opened an investigation into online platforms TikTok, Reddit. And Imgur to assess the steps the...
The Cybersecurity and Infrastructure Security Agency (CISA) on Monday added five security flaws impacting software from Cisco, Hitachi Vantara, M...
Two Actively Exploited Security Flaws in Adobe and Oracle Products Flagged by CISA
The Cybersecurity and Infrastructure Security Agency (CISA) has added two security flaws impacting Adobe ColdFusion and Oracle Agile Product Lifecycle Management (PLM) to its Known Exploited Vulnerabilities (KEV) catalog. Based on evidence of active exploitation.
The vulnerabilities in question are listed below -.
CVE-2017-3066 (CVSS score: - A deserialization vulnerability impacting Adobe ColdFusion in the Apache BlazeDS library that allows for arbitrary code execution. (Fixed in April 2017).
(CVSS score: - A deserialization vulnerability impacting Adobe ColdFusion in the Apache BlazeDS library that allows for arbitrary code execution. (Fixed in April 2017) CVE-2024-20953 (CVSS score: - A deserialization vulnerability impacting Oracle Agile PLM that allows a low-privileged attacker with network access via HTTP to compromise the system. (Fixed in January 2024).
In relation to this, there are currently no public reports referencing the exploitation of the vulnerabilities, although another flaw impacting Oracle Agile PLM (CVE-2024-21287, CVSS score: came under active abuse late last year.
To mitigate the risks posed by potential attacks weaponizing these flaws. It's recommended that people take steps to apply the necessary updates. Federal agencies have time until March 17, 2025, to secure their networks against the threats.
The development comes as threat intelligence firm GreyNoise revealed active exploitation attempts targeting CVE-2023-20198, a now-patched security flaw affecting vulnerable Cisco devices.
As many as 110 malicious IPs, mainly originating from Bulgaria, Brazil, and Singapore have been linked to the malicious activity.
"Two malicious IPs exploited CVE-2018-0171 in December 2024 and January 2025, originating from Switzerland and. The United States — the same period when Salt Typhoon, a Chinese state-sponsored threat group, reportedly breached telecom networks using CVE-2023-20198 and CVE-2023-20273," the GreyNoise Research Team stated.
Microsoft is investigating a new Microsoft 365 outage that is affecting Teams consumers and causing call failures.
Since the incident started more th...
In Zohocorps ADSelfService Plus können Angreifer eine Sicherheitslücke missbrauchen, um Konten zu übernehmen. Aktualisierte Software stopft das Sicher...
This week, a 23-year-old Serbian activist found themselves at the crossroads of digital danger when a sneaky zero-day exploit turned their Android dev...
Rubrik rotates authentication keys after log server breach
Rubrik disclosed last month that one of its servers hosting log files was breached, causing the corporation to rotate potentially leaked authentication keys.
The business has confirmed to BleepingComputer that the breach was not a ransomware incident and that it did not receive any communication from the threat actor.
Rubrik is a cybersecurity corporation that specializes in data protection, backup. And recovery and has over 3,000 employees in more than 22 global offices. The corporation has over 6,000 consumers worldwide, including high-profile companies like AMD, Adobe, Pepsico, Home Depot, Allstate, Sephora, GSK, Honda, Harvard University, and. TrelliX.
In a security advisory , Rubrik says it detected unusual activity on a server hosting their log files.
"The Rubrik Information Security Team lately discovered anomalous activity on a server that contained log files. We promptly took the server offline to mitigate the risk," reads Rubrik's security advisory.
"An investigation supported by a third party forensic partner has confirmed that the incident was isolated to this one server and we found no evidence of unauthorized access to any data we secure on behalf of our customers, or our internal code."
However, Rubrik says that a small number of log files contained access information, causing the organization to rotate authentication keys out of an abundance of caution.
The enterprise says that there are no signs that this information was misused.
Furthermore, Rubrik says their investigation has not found evidence that the threat actors gained access to customer data or their internal source code.
Rubrik previously suffered a data breach in 2023 after the business's data was stolen as part of the wide-scale Fortra GoAnywhere data theft attacks by the Clop ransomware gang.
The Cybersecurity and Infrastructure Security Agency (CISA) has added two security flaws impacting Adobe ColdFusion and. Oracle Agile Product Life...
A large-scale malware campaign has been found leveraging a vulnerable Windows driver associated with Adlice's product suite to sidestep detection effo...
Die US-amerikanische IT-Sicherheitsbehörde warnt vor beobachteten Angriffen auf Schwachstellen in Cisco RV-Routern, Hitachi Vantara, WhatsUp Gold und ...
Market Impact Analysis
Market Growth Trend
| 2018 | 2019 | 2020 | 2021 | 2022 | 2023 | 2024 |
|---|---|---|---|---|---|---|
| 8.7% | 10.5% | 11.0% | 12.2% | 12.9% | 13.3% | 13.4% |
Quarterly Growth Rate
| Q1 2024 | Q2 2024 | Q3 2024 | Q4 2024 |
|---|---|---|---|
| 12.5% | 12.9% | 13.2% | 13.4% |
Market Segments and Growth Drivers
| Segment | Market Share | Growth Rate |
|---|---|---|
| Network Security | 26% | 10.8% |
| Cloud Security | 23% | 17.6% |
| Identity Management | 19% | 15.3% |
| Endpoint Security | 17% | 13.9% |
| Other Security Solutions | 15% | 12.4% |
Technology Maturity Curve
Different technologies within the ecosystem are at varying stages of maturity:
Competitive Landscape Analysis
| Company | Market Share |
|---|---|
| Palo Alto Networks | 14.2% |
| Cisco Security | 12.8% |
| Crowdstrike | 9.3% |
| Fortinet | 7.6% |
| Microsoft Security | 7.1% |
Future Outlook and Predictions
The Cisa Actively Exploited landscape is evolving rapidly, driven by technological advancements, changing threat vectors, and shifting business requirements. Based on current trends and expert analyses, we can anticipate several significant developments across different time horizons:
Year-by-Year Technology Evolution
Based on current trajectory and expert analyses, we can project the following development timeline:
Technology Maturity Curve
Different technologies within the ecosystem are at varying stages of maturity, influencing adoption timelines and investment priorities:
Innovation Trigger
- Generative AI for specialized domains
- Blockchain for supply chain verification
Peak of Inflated Expectations
- Digital twins for business processes
- Quantum-resistant cryptography
Trough of Disillusionment
- Consumer AR/VR applications
- General-purpose blockchain
Slope of Enlightenment
- AI-driven analytics
- Edge computing
Plateau of Productivity
- Cloud infrastructure
- Mobile applications
Technology Evolution Timeline
- Technology adoption accelerating across industries
- digital transformation initiatives becoming mainstream
- Significant transformation of business processes through advanced technologies
- new digital business models emerging
- Fundamental shifts in how technology integrates with business and society
- emergence of new technology paradigms
Expert Perspectives
Leading experts in the cyber security sector provide diverse perspectives on how the landscape will evolve over the coming years:
"Technology transformation will continue to accelerate, creating both challenges and opportunities."
— Industry Expert
"Organizations must balance innovation with practical implementation to achieve meaningful results."
— Technology Analyst
"The most successful adopters will focus on business outcomes rather than technology for its own sake."
— Research Director
Areas of Expert Consensus
- Acceleration of Innovation: The pace of technological evolution will continue to increase
- Practical Integration: Focus will shift from proof-of-concept to operational deployment
- Human-Technology Partnership: Most effective implementations will optimize human-machine collaboration
- Regulatory Influence: Regulatory frameworks will increasingly shape technology development
Short-Term Outlook (1-2 Years)
In the immediate future, organizations will focus on implementing and optimizing currently available technologies to address pressing cyber security challenges:
- Technology adoption accelerating across industries
- digital transformation initiatives becoming mainstream
These developments will be characterized by incremental improvements to existing frameworks rather than revolutionary changes, with emphasis on practical deployment and measurable outcomes.
Mid-Term Outlook (3-5 Years)
As technologies mature and organizations adapt, more substantial transformations will emerge in how security is approached and implemented:
- Significant transformation of business processes through advanced technologies
- new digital business models emerging
This period will see significant changes in security architecture and operational models, with increasing automation and integration between previously siloed security functions. Organizations will shift from reactive to proactive security postures.
Long-Term Outlook (5+ Years)
Looking further ahead, more fundamental shifts will reshape how cybersecurity is conceptualized and implemented across digital ecosystems:
- Fundamental shifts in how technology integrates with business and society
- emergence of new technology paradigms
These long-term developments will likely require significant technical breakthroughs, new regulatory frameworks, and evolution in how organizations approach security as a fundamental business function rather than a technical discipline.
Key Risk Factors and Uncertainties
Several critical factors could significantly impact the trajectory of cyber security evolution:
Organizations should monitor these factors closely and develop contingency strategies to mitigate potential negative impacts on technology implementation timelines.
Alternative Future Scenarios
The evolution of technology can follow different paths depending on various factors including regulatory developments, investment trends, technological breakthroughs, and market adoption. We analyze three potential scenarios:
Optimistic Scenario
Rapid adoption of advanced technologies with significant business impact
Key Drivers: Supportive regulatory environment, significant research breakthroughs, strong market incentives, and rapid user adoption.
Probability: 25-30%
Base Case Scenario
Measured implementation with incremental improvements
Key Drivers: Balanced regulatory approach, steady technological progress, and selective implementation based on clear ROI.
Probability: 50-60%
Conservative Scenario
Technical and organizational barriers limiting effective adoption
Key Drivers: Restrictive regulations, technical limitations, implementation challenges, and risk-averse organizational cultures.
Probability: 15-20%
Scenario Comparison Matrix
| Factor | Optimistic | Base Case | Conservative |
|---|---|---|---|
| Implementation Timeline | Accelerated | Steady | Delayed |
| Market Adoption | Widespread | Selective | Limited |
| Technology Evolution | Rapid | Progressive | Incremental |
| Regulatory Environment | Supportive | Balanced | Restrictive |
| Business Impact | Transformative | Significant | Modest |
Transformational Impact
Technology becoming increasingly embedded in all aspects of business operations. This evolution will necessitate significant changes in organizational structures, talent development, and strategic planning processes.
The convergence of multiple technological trends—including artificial intelligence, quantum computing, and ubiquitous connectivity—will create both unprecedented security challenges and innovative defensive capabilities.
Implementation Challenges
Technical complexity and organizational readiness remain key challenges. Organizations will need to develop comprehensive change management strategies to successfully navigate these transitions.
Regulatory uncertainty, particularly around emerging technologies like AI in security applications, will require flexible security architectures that can adapt to evolving compliance requirements.
Key Innovations to Watch
Artificial intelligence, distributed systems, and automation technologies leading innovation. Organizations should monitor these developments closely to maintain competitive advantages and effective security postures.
Strategic investments in research partnerships, technology pilots, and talent development will position forward-thinking organizations to leverage these innovations early in their development cycle.
Technical Glossary
Key technical terms and definitions to help understand the technologies discussed in this article.
Understanding the following technical concepts is essential for grasping the full implications of the security threats and defensive measures discussed in this article. These definitions provide context for both technical and non-technical readers.
phishing beginner
Anatomy of a typical phishing attackplatform intermediate
threat intelligence intermediate
zero-day intermediate
Timeline showing vulnerability discovery to patch developmentransomware beginner
SOC intermediate
EDR intermediate
malware beginner
Common malware types and their characteristicsRelated Articles
