Over 4,000 Adobe Commerce and Magento stores were compromised through exploitation of CosmicSting (CVE-2024-34102), a critical XML External Entity (XXE) vulnerability that lets an unauthenticated attacker read arbitrary files from the server, including configuration files that hold passwords and other secrets. Attackers typically used it to steal the store's secret encryption key, then used that key to authenticate to the Magento REST API and modify CMS blocks, injecting malicious JavaScript that harvests customer data at checkout. The campaign put payment skimmers into the checkouts of roughly 5% of all Adobe Commerce and Magento stores. Major brands such as Ray-Ban and Cisco were among the victims, with potentially severe financial and reputational damage. Because the key itself was stolen, installing Adobe's patch alone did not close the door: a store that patched but kept its old encryption key remained open to an attacker already holding that key, so patching and key rotation are both required.
TPRM report: https://scoringcyber.rankiteo.com/company/adobe-commerce
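The chain described above (a REST API write to a CMS block, then a script injected into checkout pages) leaves two artifacts a responder can look for: the block content itself and the API request that wrote it. The Python below is an added example, not code from this page, from Adobe, or from the Magento project. It runs two triage checks over constructed sample data (a few cms_block rows and nginx-style access-log lines made up for illustration): it flags `<script>` tags in CMS blocks whose src host is outside an assumed first-party allowlist or whose inline body uses common obfuscation calls, notes whether such a block was modified recently, and lists write requests to the `cmsBlock` REST endpoint. The allowlist host, the sample rows, the log lines and the fixed reference date are all assumptions.

```python
import re
from datetime import datetime, timedelta
from urllib.parse import urlparse

# Constructed rows mimicking Magento's cms_block table
# (block_id, identifier, content, update_time). Sample data, not from a real store.
SAMPLE_BLOCKS = [
    (1, "footer_links", "<ul><li><a href='/about'>About us</a></li></ul>", "2024-03-02 10:00:00"),
    (2, "promo_banner", "<div class='banner'><img src='/media/banner.png'></div>", "2024-05-11 09:12:00"),
    (3, "checkout_notice",
     '<p>Secure checkout</p><script src="https://cdn.example-polyfill.net/poly.js"></script>',
     "2024-09-28 03:41:17"),
    (4, "homepage_hero",
     "<div><script>eval(atob('ZG9jdW1lbnQuY29va2ll'));</script></div>",  # atob payload decodes to 'document.cookie'
     "2024-09-29 02:05:44"),
]

# Constructed nginx-style access log lines covering the same window.
LOG_LINES = [
    '198.51.100.20 - - [29/Sep/2024:02:05:10 +0000] "GET /rest/V1/cmsBlock/4 HTTP/1.1" 200 812 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [29/Sep/2024:02:05:44 +0000] "PUT /rest/V1/cmsBlock/4 HTTP/1.1" 200 512 "-" "python-requests/2.31"',
    '198.51.100.20 - - [29/Sep/2024:02:06:01 +0000] "GET /checkout/ HTTP/1.1" 200 22410 "-" "Mozilla/5.0"',
]

ALLOWED_SCRIPT_HOSTS = {"cdn.example-shop.com"}   # assumption: the store's own first-party CDN
REFERENCE_NOW = datetime(2024, 10, 1)             # fixed "now" so the sample results are reproducible

SCRIPT_TAG = re.compile(r"<script\b([^>]*)>(.*?)</script>", re.IGNORECASE | re.DOTALL)
SRC_ATTR = re.compile(r"""\bsrc\s*=\s*["']?([^"'\s>]+)""", re.IGNORECASE)
SUSPICIOUS_INLINE = re.compile(r"\b(eval|atob|unescape|String\.fromCharCode|document\.write)\b")
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3})')
# Magento REST paths look like /rest/V1/cmsBlock/<id> or /rest/<store_code>/V1/cmsBlock/<id>
CMS_BLOCK_API = re.compile(r"^/rest/(?:[A-Za-z0-9_]+/)?V1/cmsBlock(?:/|$)")


def scan_block(block_id, identifier, content, update_time, now, recent_days=14):
    """Return a list of (finding, detail) tuples for one CMS block; an empty list means clean."""
    findings = []
    for m in SCRIPT_TAG.finditer(content):
        attrs, body = m.group(1), m.group(2)
        src = SRC_ATTR.search(attrs)
        if src:
            # Relative src (no hostname) is treated as first-party; foreign hosts are flagged.
            host = urlparse(src.group(1)).hostname or ""
            if host and host not in ALLOWED_SCRIPT_HOSTS:
                findings.append(("external_script", host))
        else:
            hit = SUSPICIOUS_INLINE.search(body)
            findings.append(("obfuscated_inline_script", hit.group(1)) if hit else ("inline_script", ""))
    if findings:
        updated = datetime.strptime(update_time, "%Y-%m-%d %H:%M:%S")
        if now - updated <= timedelta(days=recent_days):
            findings.append(("recently_modified", update_time))
    return findings


def scan_blocks(rows, now):
    """Map block identifier -> findings, for every block that has any."""
    report = {}
    for row in rows:
        findings = scan_block(*row, now=now)
        if findings:
            report[row[1]] = findings
    return report


def find_cms_block_api_writes(lines):
    """Return (client_ip, method, path, status) for every write to the cmsBlock REST endpoint."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        ip, method, path, status = m.groups()
        if method in ("POST", "PUT", "DELETE") and CMS_BLOCK_API.match(path):
            hits.append((ip, method, path, status))
    return hits


if __name__ == "__main__":
    for ident, findings in scan_blocks(SAMPLE_BLOCKS, REFERENCE_NOW).items():
        print(ident, findings)
    for hit in find_cms_block_api_writes(LOG_LINES):
        print("cmsBlock write:", hit)
```

In a real investigation, feed the rows from `SELECT block_id, identifier, content, update_time FROM cms_block` and the web server's access log into these two functions: a write to `cmsBlock` that does not line up with an administrator's own session, followed by a block that now carries a third-party or obfuscated script, is exactly the pattern this page describes. The regexes are triage heuristics, not a complete skimmer detector; a skimmer can be placed in other injection points too, so a hit here should trigger a full content and key-rotation response, and an empty result should not be read as a clean bill of health.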
{
"id": "ado000100724",
"linkid": "adobe-commerce",
"type": "Vulnerability",
"date": "10/2024",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
}
{'affected_entities': [{'industry': 'Eyewear', 'name': 'Ray-Ban', 'type': 'Retail'},
                       {'industry': 'Networking', 'name': 'Cisco', 'type': 'Technology'}],
 'attack_vector': 'Exploitation of Critical Vulnerability (CosmicSting - CVE-2024-34102)',
 'data_breach': {'data_exfiltration': 'Yes',
                 'personally_identifiable_information': 'Yes',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': 'Passwords, Cryptographic Keys, Customer Data'},
 'description': 'Over 4,000 Adobe Commerce and Magento stores were hacked through the exploitation of a critical vulnerability, identified as CosmicSting (CVE-2024-34102). This attack allowed unauthorized reading of files, including passwords and other sensitive data. The attackers typically stole a secret cryptographic key and modified CMS blocks via the Magento API to inject malicious JavaScript aimed at customer data theft. The exploitation led to the installation of payment skimmers in the checkouts of roughly 5% of all Adobe Commerce and Magento stores. Major organizations, such as Ray-Ban and Cisco, were affected, resulting in potentially severe financial and reputational damage.',
 'impact': {'brand_reputation_impact': 'Severe',
            'data_compromised': 'Passwords, Cryptographic Keys, Customer Data',
            'payment_information_risk': 'High',
            'systems_affected': 'Adobe Commerce and Magento Stores'},
 'initial_access_broker': {'entry_point': 'Critical Vulnerability (CVE-2024-34102)'},
 'motivation': 'Financial Gain, Data Theft',
 'post_incident_analysis': {'root_causes': 'Critical Vulnerability (CVE-2024-34102)'},
 'title': 'CosmicSting Vulnerability Exploitation',
 'type': 'Data Breach, Malware',
 'vulnerability_exploited': 'CosmicSting (CVE-2024-34102)'}