If you run an Adobe Commerce site, it’s time to take action.
Magento has just released a statement warning of a critical vulnerability that’s been exploited in the wild. The flaw, CVE-2022-24086, is a remote code execution vulnerability that allows attackers to execute malicious code on vulnerable sites.
This means that an attacker could take control of your site and steal or modify data. Even worse, this vulnerability is known as a pre-authenticated flaw, meaning a bad actor could manipulate your site without ever knowing your login or password.
Read the Adobe Security Bulletin on the flaw here.
Magento has rated the flaw as 9.8 out of 10.0 on the severity scale, so it’s important to take immediate steps to patch your site against this threat.
Classy Llama is aggressively working to patch our merchants’ sites and keep them safe from this exploit, but if you don’t have someone proactively patching against this issue on your Adobe Commerce site, you’re at serious risk. Given the severity of this issue and the ease of the exploit for bad actors, the number of attacks through CVE-2022-24086 is predicted to rise quickly.
Make sure your site is protected. Click here to get the patches from Adobe Commerce that can protect your site and data from this vulnerability.
Not sure how to use the patches? Fill out our contact form here and we’ll connect your company to someone who can help you.
Wanna move faster than that? Give us a call at 471-866-8887 to get connected right away.