Adobe Connect is a web conferencing platform used by some organizations for online meetings and training sessions. This vulnerability allows attackers to execute malicious scripts in a victim's browser, potentially leading to session takeover.
Adobe Connect is a web conferencing platform used by some organizations for online meetings and training sessions. This vulnerability allows attackers to execute malicious scripts in a victim's browser, potentially leading to session takeover.
Affected versions: 12.9 If you don't recognise this software, you're probably not affected.
Upgrade to Adobe Connect 12.10 or later from the official Adobe website: https://www.adobe.com/go/connect-upgrade
- Immediate mitigations:
- Restrict network access to your Adobe Connect instance (firewall it from the public internet)
- Audit admin account activity for suspicious access patterns
- Monitor for unauthorized token creation