CVE-2024-20767

Confirmed PUBLISHED

ColdFusion | Improper Access Control (CWE-284)

Adobe · ColdFusion
Exploited in the wild Active exploitation observed PoC available Virtual patch available

Recommended Action

Prioritize immediate patching and validate internet-facing exposure. Monitor for matching exploitation attempts in your environment.

Confidence
Confirmed
Exploitation Status
Active exploitation observed
Observed in Sensors
Yes
Attempts (30d)
32
Unique Attacker IPs
20
CISA KEV
In CISA KEV
Virtual Patch
Yes 3 targets
CVSS / EPSS
7.4 High EPSS 98.5%

At a Glance

ColdFusion versions 2023.6, 2021.12 and earlier are affected by an Improper Access Control vulnerability that could result in arbitrary file system read. An attacker could leverage this vulnerability to access or modify restricted files. Exploitation of this issue does not require user interaction. Exploitation of this issue requires the admin panel be exposed to the internet.

nessus_scanner cisa nuclei_scanner
CVE Published
Mar 18, 2024
Exploitation Reported
Dec 16, 2024
CVSS
7.4 High
EPSS
98.5%
Remote No user interaction Unauthenticated

Affected Versions

Vendor Product Version Status
adobe
coldfusion

2023.0 to <= 2023.0_update_12

Affected
adobe
coldfusion

2021.0 to <= 2021.0_update12

Affected
adobe
coldfusion

2023.0 to <= 2023.0_update_12

Affected
adobe
coldfusion

2021.0 to <= 2021.0_update12

Affected
Adobe
ColdFusion

0 to <= 2021.12

Affected

CVE References

Recommended Actions

  • Prioritize immediate patching and validate internet-facing exposure. Monitor for matching exploitation attempts in your environment.
  • Review sensor telemetry for request paths, attacker IPs, and payload patterns that may inform detection and exposure validation.
  • Check enrichment artifacts for scanner coverage and available PoCs before rolling remediation validation.
  • Use the Pro API to automate enrichment, telemetry, and workflow delivery for VM, SOC, and CTI pipelines.