PT-2025-32867 · Adobe · Commerce
Published: 2025-08-12 · Updated: 2025-08-15 · CVE-2025-49558
CVSS v3.1: 5.9 (Medium)
Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
Name of the Vulnerable Software and Affected Versions:
Adobe Commerce versions 2.4.9-alpha1 through 2.4.4-p14
Description:
Adobe Commerce is affected by a Time-of-check Time-of-use (TOCTOU) race condition. This issue could allow a security feature to be bypassed, potentially leading to unauthorized write access. Exploitation of this issue does not require user interaction.
Recommendations:
Update Adobe Commerce to a version later than 2.4.4-p14.
Fix
Time Of Check To Time Of Use
Affected Products
Commerce