Latest news with #AdobeCommerce&CommerceB2B

Hindustan Times

If you use these Adobe softwares, you are under high risk, Indian government warns

The Indian Computer Emergency Response Team (CERT-In), under the Ministry of Electronics and Information Technology, has issued an alert highlighting critical vulnerabilities across several Adobe software products. The alert, tagged as CIVN-2025-0137, was released on 1 July and carries a medium severity rating. The identified vulnerabilities could enable cyber attackers to perform a range of malicious actions.(AP) According to CERT-In, a wide array of Adobe's creative, productivity, and e-commerce software is vulnerable. Affected versions include: Adobe InCopy (up to versions 20.3 and 19.5.4) Adobe Experience Manager (AEM) (up to 6.5.23 and CS 2025.5) Adobe Commerce & Commerce B2B (versions before 2.4.8) Magento Open Source (before 2.4.8) Adobe InDesign (up to ID20.3 and ID19.5.4) Adobe Substance 3D Sampler (up to 5.0.3) Adobe Acrobat and Reader (Windows and Mac prior to builds 25.001.20531 and 25.001.20529) Acrobat 2024 and 2020 (prior to 24.001.30254 and 20.005.30744) Adobe Substance 3D Painter (before 11.0.2) What's at Risk? The identified vulnerabilities could enable cyber attackers to perform a range of malicious actions. These include bypassing security restrictions, executing arbitrary code, conducting cross-site scripting (XSS) attacks, gaining elevated privileges, and even accessing sensitive user data. In certain cases, they may cause denial-of-service (DoS) disruptions. These risks are primarily due to issues like memory corruption, improper input validation, and insecure handling of user data—making the vulnerabilities particularly dangerous in enterprise environments. Mobile Finder: Nothing Phone 3 launched in India Who Should Be Concerned? The advisory is directed at system administrators, IT security professionals, and end-users of Adobe's affected software. Organisations that depend heavily on Adobe for creative production, document workflows, or online commerce should treat this alert as urgent. Recommended Actions CERT-In urges users and IT teams to take the following steps to protect their systems: Install all latest security patches released by Adobe Monitor network activity for unusual or unauthorised behaviour Avoid opening suspicious files or clicking unfamiliar links Keep antivirus and endpoint protection updated Use application allowlisting to restrict unapproved software execution Users can access updates and more detailed advisories through the Cyber Swachhta Kendra and Adobe's official website.