In a critical alert issued yesterday, February 24, 2025, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has flagged two significant security vulnerabilities in widely used software products from Adobe and Oracle. These flaws, identified in Adobe ColdFusion and Oracle Agile Product Lifecycle Management (PLM), have been added to CISA’s Known Exploited Vulnerabilities (KEV) catalog due to evidence of active exploitation in the wild. With federal agencies given a deadline of March 17, 2025, to patch their systems, this development underscores the urgency for organizations worldwide to act swiftly to protect their networks.
The first vulnerability affects Adobe ColdFusion, a popular platform for building web applications. While specific details about the flaw—such as its CVE identifier or CVSS score—remain limited in public reports, its inclusion in the KEV catalog signals that attackers are already leveraging it to compromise systems. Adobe ColdFusion is widely deployed across industries, making this a potential weak point for businesses that rely on it for critical operations.
The second flaw targets Oracle Agile PLM, a product lifecycle management solution used by enterprises to manage product development processes. Separately from the current flaw, another Oracle Agile PLM vulnerability (CVE-2024-21287, CVSS score: 7.5) was notably exploited late last year, hinting at a pattern of attackers targeting this software. The current flaw’s active exploitation has prompted CISA to urge immediate action, though no technical specifics about its exploitation have surfaced yet.
CISA’s directive is clear: federal agencies must apply patches or mitigations by March 17, 2025, to thwart potential attacks. For private organizations, the recommendation is just as pressing—update systems promptly to avoid falling victim to these threats. The absence of detailed public reports on how these vulnerabilities are being exploited only heightens the need for vigilance, as attackers may already have a head start.
This news comes amid other cybersecurity developments. For instance, threat intelligence firm GreyNoise recently reported active exploitation attempts targeting a patched Cisco vulnerability (CVE-2023-20198), with over 110 malicious IPs involved. While unrelated to the Adobe and Oracle flaws, it highlights the broader landscape of persistent threats facing organizations today. Interestingly, GreyNoise also noted that two IPs exploiting an older Cisco flaw (CVE-2018-0171) overlapped with activities linked to the Chinese state-sponsored group Salt Typhoon, suggesting sophisticated actors remain a significant concern.
For now, the priority is clear—patch management is non-negotiable. Organizations using Adobe ColdFusion or Oracle Agile PLM should verify their systems’ patch status and consult vendor advisories for the latest updates. As cyber threats evolve, staying ahead requires not just reaction, but proactive defense. Have you checked your systems today?