Software program maker Adobe on Tuesday launched fixes for a minimum of 13 security vulnerabilities in a number of product traces, warning that essential flaws in Adobe Commerce and Photoshop would require instant consideration.
As a part of its scheduled batch of Patch Tuesday updates, Adobe documented a minimum of 10 critical flaws in Adobe Commerce and Magento Open Supply, a product line typically focused by malicious hackers.
“Profitable exploitation may result in arbitrary code execution, privilege escalation, arbitrary file system learn, security function bypass and utility denial-of-service,” Adobe mentioned in a critical-severity advisory.
The corporate recognized the affected software program variations as Adobe Commerce (a number of variations together with 2.4.7-beta1 and earlier) and Magento Open Supply (A number of variations together with 2.4.7-beta1 and earlier.)
Adobe mentioned it was not conscious of exploits for any of the documented vulnerabilities.
The San Jose, Calif. agency additionally launched updates to repair a critical-severity flaw within the fashionable Adobe Photoshop software program. The flaw, tagged as CVE-2023-26370, could possibly be exploited to launch code execution assaults on each Home windows and macOS techniques.
Adobe mentioned the patches apply to Photoshop 2022 (23.5.5 and earlier variations) and Photoshop 2023 (24.7 and earlier variations).
Adobe’s security response staff additionally launched fixes for a pair of vulnerabilities in Adobe Bridge that might result in reminiscence corruption exploitation.
