May 29, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Multiple Mozilla Products Vulnerabilities
April 30, 2025
Multiple Microsoft Excel Vulnerabilities
April 30, 2025
Multiple Mozilla Products Vulnerabilities
April 30, 2025
Multiple Microsoft Excel Vulnerabilities
April 30, 2025
Severity
High
Analysis Summary
CVE-2025-30282 CVSS:9.1
Adobe ColdFusion could allow a remote attacker to execute arbitrary code on the system, caused by improper authentication. An attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2025-24447 CVSS:9.1
Adobe ColdFusion could allow a remote attacker to execute arbitrary code on the system, caused by the deserialization of untrusted data. An attacker could exploit this vulnerability to execute arbitrary code on the system.
Impact
- Code Execution
Indicators of Compromise
CVE
CVE-2025-30282
CVE-2025-24447
Affected Vendors
- Adobe
Affected Products
- Adobe ColdFusion 2025 - Build 331385
- Adobe ColdFusion 2023 - Update 12
- Adobe ColdFusion 2021 - Update 18
Remediation
Refer to Adobe Security Advisory for patch, upgrade or suggested workaround information.
