<ul><li>U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Adobe ColdFusion and Oracle Agile Product Lifecycle Management (PLM) vulnerabilities to its Known Exploited Vulnerabilities catalog.</li><li>The two vulnerabilities are CVE-2017-3066 Adobe ColdFusion Deserialization Vulnerability and CVE-2024-20953 Oracle Agile Product Lifecycle Management (PLM) Deserialization Vulnerability.</li><li>CVE-2017-3066 is a Java deserialization vulnerability in Adobe ColdFusion, allowing arbitrary code execution.</li><li>CVE-2024-20953 is a Deserialization Vulnerability in Oracle Agile PLM, enabling a low-privileged attacker to take over the system.</li></ul>

U.S. CISA adds Adobe ColdFusion and Oracle Agile PLM flaws to its Known Exploited Vulnerabilities catalog

Discover more