Particle.news

CISA Adds Actively Exploited Adobe AEM Forms Flaw to KEV Catalog

The listing triggers a Nov. 5 remediation deadline for federal agencies under BOD 22-01.

Overview

  • CVE-2025-54253 is a CVSS 10.0 vulnerability in Adobe Experience Manager Forms on JEE that enables unauthenticated remote code execution in low-complexity attacks with no user interaction.
  • Adobe addressed the flaw in early August with AEM 6.5.0-0108 for versions 6.5.23.0 and earlier, after proof-of-concept exploit code had already become publicly available.
  • CISA says the bug is being exploited in the wild and urges all organizations to prioritize patching or apply vendor-recommended mitigations immediately.
  • Researchers Adam Kues and Shubham Shah of Searchlight Cyber disclosed the issue to Adobe on April 28 and published a detailed write-up on July 29, before the vendor’s fix was available.
  • Security analyses attribute the risk to an exposed /adminui/debug servlet that evaluates OGNL expressions as Java code, allowing command execution via a single crafted HTTP request.
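As an added example (not from Particle.news, Adobe or the researchers cited), a small access-log check a defender could run to flag every request that reaches the /adminui/debug servlet named above, canonicalizing the path first so percent-encoding, dot segments and path parameters do not hide it from a naive string match; the log lines, addresses and timestamps are constructed.

```python
import re
from collections import Counter
from posixpath import normpath
from urllib.parse import unquote, urlsplit

# Constructed sample lines in combined log format; the addresses, timestamps
# and requests are invented for this example, not taken from any incident.
SAMPLE_LOG = """\
203.0.113.7 - - [14/Oct/2025:10:01:12 +0000] "GET /content/site/en.html HTTP/1.1" 200 5123 "-" "Mozilla/5.0"
203.0.113.9 - - [14/Oct/2025:10:02:40 +0000] "GET /adminui/debug?x=1 HTTP/1.1" 200 88 "-" "curl/8.4.0"
203.0.113.9 - - [14/Oct/2025:10:02:41 +0000] "POST /adminui/%64ebug HTTP/1.1" 200 312 "-" "python-requests/2.32"
198.51.100.4 - - [14/Oct/2025:10:05:03 +0000] "GET /foo/../adminui/debug;v=1?x=2 HTTP/1.1" 403 0 "-" "curl/8.4.0"
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)
WATCHED = "/adminui/debug"  # the servlet named in the summary above


def normalize_path(target: str) -> str:
    """Canonicalize a request target so encoding tricks cannot hide the path:
    drop the query, percent-decode twice (single and double encoding), strip
    ';' path parameters per segment, collapse '.'/'..' and '//', lowercase."""
    path = unquote(unquote(urlsplit(target).path))
    path = "/".join(seg.split(";", 1)[0] for seg in path.split("/"))
    return normpath(path).lower()


def scan_log(text: str) -> list[dict]:
    """One record per request whose canonical path is the debug servlet.
    Blocked attempts (e.g. 403) are kept: they still show who is probing."""
    hits = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # unparseable line; a production job would count these
        path = normalize_path(m["target"])
        if path == WATCHED or path.startswith(WATCHED + "/"):
            hits.append({"ip": m["ip"], "ts": m["ts"], "method": m["method"],
                         "path": path, "status": int(m["status"])})
    return hits


def sources(hits: list[dict]) -> Counter:
    """Flagged requests per client address, for triage ordering."""
    return Counter(h["ip"] for h in hits)
```

Any hit on an unpatched instance deserves immediate triage; on a patched one, repeated hits still tell you which sources are scanning for this flaw.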