CVERadar

CVE-2024-20767

High Severity | Adobe
SVRS: 67/100
CVSSv3: 7.4/10
EPSS: 0.93993/1

CVE-2024-20767 is an Improper Access Control vulnerability in Adobe ColdFusion that allows arbitrary file system reads. An attacker can exploit this vulnerability to access or modify restricted files if the admin panel is exposed to the internet. The SVRS score is 67, indicating a notable risk, but not critical enough to require immediate action according to SOCRadar's scoring. This vulnerability exists in ColdFusion versions 2023.6, 2021.12 and earlier. Successful exploitation does not require user interaction. Given that active exploits are available and this CVE is listed in the CISA KEV catalog, organizations using affected versions of ColdFusion should prioritize patching. The risk includes potential data breaches and unauthorized system access.

In The Wild | Exploit Available | CISA KEV
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
2024-03-18

2024-12-17
SOCRadar AI Insight

Description:

CVE-2024-20767 is an Improper Access Control vulnerability in ColdFusion versions 2023.6, 2021.12, and earlier. It allows attackers to bypass security measures, gain unauthorized access to sensitive files, and perform arbitrary file system writes without user interaction.

Key Insights:

  • High Severity: The CVSS score of 8.2 indicates a high severity vulnerability.
  • SVRS Score: The SOCRadar Vulnerability Risk Score (SVRS) of 40 highlights the moderate urgency and severity of the threat.
  • Active Exploitation: Active exploits have been published, indicating that the vulnerability is being actively exploited by hackers.

Mitigation Strategies:

  • Update Software: Install the latest security updates from Adobe to patch the vulnerability.
  • Restrict Access: Implement access controls to limit who can access sensitive files and directories.
  • Monitor Logs: Regularly monitor logs for suspicious activity that may indicate exploitation attempts.
  • Use Web Application Firewall (WAF): Implement a WAF to block malicious requests and protect against unauthorized access.

Additional Information:

  • The Cybersecurity and Infrastructure Security Agency (CISA) has warned of the vulnerability, calling for immediate and necessary measures.
  • Users with additional queries can use the 'Ask to Analyst' feature, contact SOCRadar directly, or open a support ticket for more information.

Indicators of Compromise

Type | Indicator | Date
IP | 169.150.226.162 | 2025-01-17

Exploits

Title | Software Link | Date
Adobe ColdFusion Improper Access Control Vulnerability | https://www.cisa.gov/search?g=CVE-2024-20767 | 2024-12-16
yoryio/CVE-2024-20767 | https://github.com/yoryio/CVE-2024-20767 | 2024-03-26
m-cetin/CVE-2024-20767 | https://github.com/m-cetin/CVE-2024-20767 | 2024-03-26
Praison001/CVE-2024-20767-Adobe-ColdFusion | https://github.com/Praison001/CVE-2024-20767-Adobe-ColdFusion | 2024-04-01
Chocapikk/CVE-2024-20767 | https://github.com/Chocapikk/CVE-2024-20767 | 2024-03-26

News

Hackers Target Adobe and Windows Kernel Drivers, CISA Issues Warning
laseem shayifa | 2024-12-19
The US cybersecurity agency CISA has put out an alert on two critical risks that have been enumerated in the known Exploited Vulnerability Catalog.
securereading.com

CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA | 2024-12-17
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.
cisa.gov

U.S. CISA adds Microsoft Windows Kernel-Mode Driver and Adobe ColdFusion flaws to its Known Exploited Vulnerabilities catalog
Pierluigi Paganini | 2024-12-17
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Windows Kernel-Mode Driver and Adobe ColdFusion flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the Microsoft Windows Kernel-Mode Driver Untrusted Pointer Dereference (CVE-2024-35250) and Adobe ColdFusion Improper Access Control (CVE-2024-20767) vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. […]
securityaffairs.co

CISA and FBI Raise Alerts on Exploited Flaws and Expanding HiatusRAT Campaign
[email protected] (The Hacker News) | 2024-12-17
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added two security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The list of flaws is below - CVE-2024-20767 (CVSS score: 7.4) - Adobe ColdFusion contains an improper access control vulnerability that could allow an attacker to access or modify restricted
feedburner.com

CISA Warns of Adobe & Windows Kernel Driver Vulnerabilities Exploited in Attacks
Divya | 2024-12-17
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical alert, adding two significant vulnerabilities to its Known Exploited Vulnerabilities Catalog. These vulnerabilities, actively exploited by malicious actors, underscore the growing risks facing organizations. Adobe ColdFusion Access Control Weakness (CVE-2024-20767) One of the newly added vulnerabilities, CVE-2024-20767, affects Adobe ColdFusion due to improper access […]
gbhackers.com

Windows Kernel Vulnerability Actively Exploits in Attacks to Gain System Access
Balaji N | 2024-12-16
The Cybersecurity and Infrastructure Security Agency (CISA) has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, one of which belongs to a Windows kernel vulnerability actively used in attacks. This update follows verified evidence of active exploitation of these vulnerabilities, highlighting the ongoing risks they pose to cybersecurity. CVE-2024-35250: Found in the Microsoft […]
cybersecuritynews.com

CVE-2024-20767 | Adobe ColdFusion 2021/ColdFusion 2023 access control (apsb24-14)
vuldb.com | 2024-12-04
A vulnerability was found in Adobe ColdFusion 2021 and ColdFusion 2023. It has been classified as critical. Affected is an unknown function. The manipulation leads to improper access controls. This vulnerability is traded as CVE-2024-20767. It is possible to launch the attack remotely. There is no exploit available. It is recommended to apply a patch to fix
vuldb.com

Social Media

  • #ThreatProtection #CVE-2024-20767 - Path traversal #vulnerability in #Adobe #ColdFusion, read more about Symantec's protection: https://t.co/JdXJVgkcG1
  • A new #vulnerability in #AdobeColdFusion (CVE-2024-20767) allows attackers to read and write system files, affecting over 200,000 exposed servers. Learn how to protect your system now: https://t.co/TErfVxlcUU #CybersecurityThreatAdvisory
  • We added #Adobe ColdFusion and #Microsoft #Windows kernel vulnerabilities CVE-2024-20767 & CVE-2024-35250 to our Known Exploited Vulnerabilities Catalog. Visit https://t.co/P5CinqZV68 & apply mitigations to protect your org from cyberattacks.
  • RT @CISACyber: 🛡️ We added #Adobe ColdFusion and #Microsoft #Windows kernel vulnerabilities CVE-2024-20767 & CVE-2024-35250 to our Known Ex…
  • 🛡️ We added #Adobe ColdFusion and #Microsoft #Windows kernel vulnerabilities CVE-2024-20767 & CVE-2024-35250 to our Known Exploited Vulnerabilities Catalog. Visit https://t.co/myxOwap1Tf & apply mitigations to protect your org from cyberattacks. #Cybersecurity #InfoSec https://t.co/cFXLQbKQ0i
  • CISACyber RT: 🛡️ We added #Adobe ColdFusion and #Microsoft #Windows kernel vulnerabilities CVE-2024-20767 & CVE-2024-35250 to our Known Exploited Vulnerabilities Catalog. Visit https://t.co/bLjkLHuWBi & apply mitigations to protect your org from cyber… https://t.co/ltaVucRMpL
  • CVE-2024-20767,CVE-2024-20356,CVE-2024-24576,CVE-2024-32640 added to #CVER. #Bugbounty #Hackerone #YesWeHack #BugCrowd #CVE #NVD #FIRST #SPLOITUS #EXPLOITDB https://t.co/Gu4i7xqhEV

Affected Software

Configuration 1
Type | Vendor | Product
App | Adobe | coldfusion

References

Reference | Link
[email protected] | https://helpx.adobe.com/security/products/coldfusion/apsb24-14.html
AF854A3A-2127-422B-91AE-364DA2661108 | https://helpx.adobe.com/security/products/coldfusion/apsb24-14.html

CWE Details

CWE ID | CWE Name | Description
CWE-284 | Improper Access Control | The software does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
