Adobe has released a batch of security updates to fix multiple vulnerabilities in several its products, including some critical remote code execution flaws that could be exploited to take over vulnerable systems. The security updates address a total of 35 vulnerabilities across Adobe Illustrator, Bridge, and Magento software with 25 of them deemed high-risk flaws.
The vendor has fixed seventeen vulnerabilities in the Adobe Bridge product with the release of Adobe Bridge 10.0.4, the list of flaws includes information disclosure and arbitrary code execution bugs.
Security update for Adobe Illustrator resolves five vulnerabilities (CVE-2020-9570 CVE-2020-9571, CVE-2020-9572, CVE-2020-9573, and CVE-2020-9574). All of them could be exploited by a remote attacker to execute arbitrary code on the target system by tricking a user into opening a malicious file.
Adobe has also released a security advisory concerning multiple bugs impacting the Magento e-commerce platform. A total of six RCE-vulnerabilities were patched in the popular e-commerce platform, none of which required authentication for a successful exploitation.
The new Magento updates also include patches for several vulnerabilities rated important. Three of these (CVE-2020-9577, CVE-2020-9581, and CVE-2020-9584) could be exploited to gain access to sensitive information, while the fourth (CVE-2020-9588) is a signature verification bypass.