Intrusion PreventionAdobe.ColdFusion.ToTemplateProxy.Insecure.Deserialization
Description
This indicates an attack attempt to exploit an Insecure Deserialization Vulnerability in Adobe Systems ColdFusion.
The vulnerability is due to deserialization of untrusted data when processing HTTP parameters sent to ColdFusion Component (CFC) endpoints. A remote, unauthenticated, attacker could exploit this vulnerability by sending crafted requests to the target server. Successful exploitation could result in arbitrary code execution in the security context of SYSTEM.
Outbreak Alert
FortiGuard Labs continue to see cyber-attacks targeting to exploit the ColdFusion vulnerability CVE-2023-26360. Blocking over multiple hundreds of attacks over the last weeks.
Affected Products
Adobe Systems ColdFusion 2018 update 15 and prior
Adobe Systems ColdFusion 2021 update 5 and prior
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://helpx.adobe.com/security/products/coldfusion/apsb23-25.html
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2023-05-16 | 23.555 | Sig Added |
| 2023-05-15 | 23.554 | Default_action:pass:drop |
| 2023-05-04 | 23.546 |
| ID | 52899 |
| Created | Apr 26, 2023 |
| Updated | May 15, 2023 |
| Outbreak Alert | Adobe ColdFusion Code Execution |
| Threat Signal | View Report |
| Risk |
|
| CVE ID | CVE-2023-26360 |
| Known Exploited | Yes |
| Exploit Prediction Score | 96.2% |
| Default Action | drop |
| Active | |
| Affected OS | Windows, Linux, MacOS |
| Affected App | Adobe |