Adobe Releases Security Updates for ColdFusion (Mar 1, 2019)
The United States Computer Emergency Readiness Team (US-CERT) has issued an alert regarding a vulnerability in Adobe’s “ColdFusion” web application development platform. The vulnerability, registered as “CVE-2019-7816,” could be exploited by a threat actor to take control of an affected system, according to the Cybersecurity and Infrastructure Security Agency (CISA). To exploit the vulnerability, an actor would first require “the ability to upload executable code to a web-accessible directory, and then execute that code via an HTTP request.” Restricting requests to directories where uploaded files are stored will mitigate this attack. Threat actors have been observed exploiting this vulnerability in the wild. Adobe has issued a patch to address CVE-2019-7816.
Recommendation: This alert shows the importance of your company having patch-maintenance policies in place to avoid potential malicious activity, especially since this vulnerability has been observed being exploited in the wild. Additional information on this vulnerability can be viewed on Adobe’s Security Bulletin located here: https://helpx.adobe.com/security/products/coldfusion/apsb19-14.html
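Added example (not from Adobe, CISA, or the original brief): a Python check over web access logs that flags requests for executable templates under upload directories, the request pattern the mitigation above is meant to block. The directory names, the extension list and the log lines are assumptions constructed for illustration.

```python
import posixpath
import re
from urllib.parse import unquote

# Assumed upload locations under the web root; replace with the site's own.
UPLOAD_PREFIXES = ("/uploads/", "/userfiles/")
# Assumed set of extensions the server hands to ColdFusion or its servlet engine.
EXECUTABLE_EXTS = (".cfm", ".cfml", ".cfc", ".jsp")
# Common log format: client ident user [time] "METHOD target PROTO" status size
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+)[^"]*" (\d{3}) ')

# Constructed sample lines (documentation IP ranges), not from any real server.
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Mar/2019:10:00:01 +0000] "POST /app/upload.cfm HTTP/1.1" 200 512',
    '192.0.2.10 - - [01/Mar/2019:10:00:05 +0000] "GET /uploads/report.pdf HTTP/1.1" 200 48211',
    '198.51.100.7 - - [01/Mar/2019:10:02:11 +0000] "GET /uploads/avatar.cfm HTTP/1.1" 200 1033',
    '198.51.100.7 - - [01/Mar/2019:10:02:40 +0000] "GET /Uploads/%61vatar.CFM/x?a=1 HTTP/1.1" 403 199',
    '198.51.100.7 - - [01/Mar/2019:10:03:02 +0000] "GET /app/../userfiles/img.jsp;v=1 HTTP/1.1" 404 0',
]

def normalize(target):
    """Decode the request path, resolve dot segments, and lower-case it."""
    path = unquote(target.split("?", 1)[0])
    return posixpath.normpath("/" + path.lstrip("/")).lower()

def is_executable_in_upload_dir(target):
    """True when the normalized path is under an upload dir and names a template."""
    path = normalize(target)
    if not (path + "/").startswith(UPLOAD_PREFIXES):
        return False
    # Check every segment: path info may follow the template name (x.cfm/extra),
    # and a segment may carry a ";param" suffix.
    return any(seg.split(";", 1)[0].endswith(EXECUTABLE_EXTS) for seg in path.split("/"))

def audit(lines):
    """Return one record per request for an executable file under an upload directory."""
    hits = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m or not is_executable_in_upload_dir(m.group(4)):
            continue
        client, when, method, target, status = m.groups()
        # A 2xx status means the server answered the request instead of refusing it.
        hits.append({"client": client, "time": when, "path": normalize(target),
                     "status": int(status), "served": status.startswith("2")})
    return hits

if __name__ == "__main__":
    for hit in audit(SAMPLE_LOG):
        print(hit)
```

Records with `served` set to true are the ones to investigate first, since they show the upload directory still answering requests for executable content.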
Indicators of Compromise (IOCs) associated with this story can be viewed by ThreatStream users here to identify potential malicious activity.