Rewterz Threat Advisory – CVE-2022-24086 – Adobe Commerce and Magento Open Source Vulnerability

Rewterz Threat Alert – Bitter APT Group – Active IOCs

February 11, 2022

Rewterz Threat Advisory – CVE-2022-0516 – Linux Kernel Vulnerability

February 14, 2022

Rewterz Threat Advisory – CVE-2022-24086 – Adobe Commerce and Magento Open Source Vulnerability

Severity

High

Analysis Summary

CVE-2022-24086

Adobe Commerce and Magento Open Source allow a remote attacker to execute arbitrary code on the system, caused by improper input validation. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.

Impact

Code Execution

Indicators of Compromise

CVE

CVE-2022-24086

Affected Vendors

Adobe

Affected Products

Adobe Commerce 2.4.3-p1
Adobe Commerce 2.3.7-p2
Adobe Magento Open Source 2.4.3-p1
Adobe Magento Open Source 2.3.7-p2

Remediation

Refer to Adobe Security for patch, upgrade, or suggested workaround information.

https://helpx.adobe.com/security/products/magento/apsb22-12.html

Rewterz Threat Alert – Bitter APT Group – Active IOCs

Rewterz Threat Advisory – CVE-2022-0516 – Linux Kernel Vulnerability

Rewterz Threat Advisory – CVE-2022-24086 – Adobe Commerce and Magento Open Source Vulnerability

Severity

Analysis Summary

CVE-2022-24086

Impact

Indicators of Compromise

CVE

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan