Washington, February 25, 2025 – Hackers are exploiting major Adobe & Oracle flaws, giving them full control over vulnerable systems. Patch now or risk serious breaches!
Hackers are actively exploiting critical vulnerabilities in Adobe ColdFusion and Oracle Agile PLM, prompting an urgent warning from U.S. cybersecurity officials.
The Cybersecurity and Infrastructure Security Agency (CISA) has flagged these flaws as “Known Exploited Vulnerabilities” (KEV), meaning threat actors are already weaponizing them to launch cyberattacks.
The vulnerabilities include:
- CVE-2017-3066 (Adobe ColdFusion) – A deserialization flaw in Apache BlazeDS that enables remote code execution, allowing hackers to take full control of affected systems.
- CVE-2024-20953 (Oracle Agile PLM) – A network-accessible vulnerability that lets attackers compromise Oracle’s product lifecycle management software, potentially exposing sensitive enterprise data.
Cybersecurity analyst Nathaniel Morales warned:
“These vulnerabilities give hackers a direct backdoor into corporate networks. Businesses running outdated software are sitting ducks.”
Security researchers have detected active attacks exploiting these flaws, with hackers leveraging them to steal data, inject malware, and launch further intrusions. Cybersecurity expert Mike Herrington said:
“Once attackers gain access through these vulnerabilities, they can escalate privileges, move laterally, and spread ransomware.”
CISA has ordered federal agencies to patch their systems by March 17, 2025, but private businesses must act immediately to avoid compromise.