Multiple Adobe Sandbox Vulnerabilities Risked Integrity And Confidentiality Of Systems

  • 106
  • 1

One of the areas contributing to the rise of cyber attacks is the use of third-party services. While these services appear a convenient means to run processes at various organizations, particularly the startups, they also pose risk to the integrity of the users systems. Recently, researchers discovered a similar problem. Allegedly, they found numerous Adobe sandbox vulnerabilities that affected one of the users of the service.

Adobe Sandbox Vulnerabilities Discovered

Researchers at Swascan have discovered multiple Adobe Sandbox vulnerabilities that posed a serious threat to the users. As disclosed in their blog post, Swascan Team found as many as five different security vulnerabilities in the service.

Reportedly, the cybersecurity team at Swascan came across the flaws during their security analysis for an European media firm. As they highlighted with their analysis, they noticed that the vulnerabilities they observed actually existed due to Adobe Sandbox.

“most of the vulnerabilities and exposures we had found were depending on a third-party service: Adobe, and its Sandbox Service which our customer bought for its own internal use.”

Allegedly, what they discovered included two high-severity flaws, two medium-severity vulnerabilities, and a single low-severity vulnerability. Upon exploit, these vulnerabilities threatened the integrity and confidentiality of the systems.

Adobe Patched The Flaws

Upon finding the vulnerabilities, Team Swascan got in touch with Adobe PSIRT to patch the flaws. As revealed, Adobe patched the flaws while Swascan remained in close collaboration with the vendors. While they haven’t disclosed the technicalities of the flaws, they did appreciate Adobe’s response towards their report. Besides, they also emphasized the importance of such collaborations between the cybersecurity experts and software vendors.

“CERTs and PSIRTs they do play an highly critical, important role in the security ecosystem of nowadays digital world.”

Certainly, the vigilance and interest of the vendors towards patching vulnerabilities are imperative to avoid cyber attacks. Otherwise, we already know of breaches and cyber attacks that took place merely because of the negligence of vendors.

Let us know your thoughts about this article in the comments section


Abeerah Hashim

Abeerah has been a passionate blogger for several years with a particular interest towards science and technology. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world! Reach out to me at: [email protected]

Do NOT follow this link or you will be banned from the site!