The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security flaw affecting Adobe Experience Manager to its Known Exploited Vulnerabilities (KEV) catalog. This decision comes in response to evidence indicating that the vulnerability is being actively exploited in the wild.
The vulnerability, assigned CVE-2025-54253, scores a maximum severity of 10.0 on the CVSS scale, indicating its potential for severe impact. The flaw is linked to a misconfiguration that could lead to arbitrary code execution, allowing threat actors significant access to the affected systems. Organizations utilizing Adobe Experience Manager are strongly urged to assess their environments for this flaw and apply necessary patches to mitigate risks.
👉 Pročitaj original: The Hacker News
