Race Condition Vulnerability in Adobe Commerce Software
CVE-2025-24430

3.7LOW

Key Information:

Vendor: Adobe
Status: Adobe Commerce
Vendor: CVE Published:; 11 February 2025

What is CVE-2025-24430?

Adobe Commerce is affected by a Time-of-check Time-of-use (TOCTOU) race condition vulnerability that can allow an attacker to bypass security mechanisms. This vulnerability occurs when the system's check on a condition can be altered by an attacker after the check has been performed but before the condition is utilized. Successful exploitation of this vulnerability necessitates user interaction, providing an opportunity for potential exploitation if proper safeguards are not enforced. Organizations utilizing affected versions of Adobe Commerce are urged to review their security measures and stay updated with the vendor's recommendations.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Adobe Commerce 0 <= 2.4.8-beta1

References

https://helpx.adobe.com/security/products/magento/apsb25-...

vendor-advisory

CVSS V3.1

Score:

3.7

Severity:

LOW

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 11, 2025
Vulnerability Reserved
Jan 21, 2025

JSON

Adobe

What is CVE-2025-24430?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.