What's Happening?
A critical vulnerability in Adobe Commerce and Magento Open Source, identified as CVE-2025-54236, is being actively exploited by hackers, according to cybersecurity firm Sansec. The flaw, which has a CVSS score of 9.1, involves improper input validation leading to security feature bypass. Adobe released hotfixes for this issue on September 9, urging users to update their systems. Despite this, only 38% of stores have applied the hotfix, leaving 62% vulnerable. The flaw, known as SessionReaper, was leaked before the official patch, and active exploitation has been observed, with approximately 250 attacks reported. The vulnerability could lead to customer account takeovers via the Commerce REST API, posing significant risks to eCommerce sites.
Why It's Important?
The exploitation of this vulnerability poses a significant threat to the security of eCommerce platforms, potentially leading to widespread customer account takeovers. This could result in financial losses and damage to consumer trust for affected businesses. The rapid spread of exploitation tools following the publication of technical details highlights the urgency for businesses to apply security patches. The situation underscores the importance of timely updates and robust cybersecurity measures in protecting sensitive customer data and maintaining operational integrity.
What's Next?
With the vulnerability under active exploitation, eCommerce sites running Adobe Commerce and Magento Open Source are urged to apply the available hotfixes immediately to mitigate the risk. As exploitation tools become more widespread, businesses may face increased attacks, which calls for enhanced monitoring and response strategies. Adobe's confirmation of the flaw's exploitation in the wild may prompt further security advisories and updates. Stakeholders, including cybersecurity firms and affected businesses, are likely to collaborate on developing additional protective measures.