Adobe Commerce - APSB25-08: Uncovering Details about this Security Update

Keeping its security update releases in motion, Adobe released a new security update on February 11^th, 2025 for Adobe Commerce and Magento Open Source. This update is all about securing vulnerabilities of any level. Vulnerabilities in your Adobe Commerce can cause serious security exploitation. They could also result in arbitrary code execution, security feature bypass, or privilege escalation.

Adobe has rolled out the security patch for various affected versions including:

• 2.4.8-beta1
• 2.4.7-p3 and earlier
• 2.4.6-p8 and earlier
• 2.4.5-p10 and earlier
• 2.4.4-p11 and earlier

Besides this, there is also a security update for Adobe Commerce B2B that includes version updates for the following:

• 1.5.0 and earlier
• 1.4.2-p3 and earlier
• 1.3.5-p8 and earlier
• 1.3.4-p10 and earlier
• 1.3.3-p11 and earlier

In order to resolve the issues, Adobe Commerce and Magento Open Source security updates have also been rolled out for the following versions:

• 2.4.8-beta1
• 2.4.7-p3 and earlier
• 2.4.6-p8 and earlier
• 2.4.5-p10 and earlier
• 2.4.4-p11 and earlier

While addressing these issues, Adobe has offered priority ratings and has suggested users update the installation to the newest versions.

All the recent updates have been put in the list of priority rating “2”. However, Adobe Commerce and Magento Open Source have been categorized in the priority category “1”, making the most important one to update immediately. For finding vulnerability details, refer to this Adobe Security Bulletin (APSB25-08). Adobe in a long list has also acknowledged the efforts of various researchers who have contributed to reporting these issues.

There are also isolated patch details that define the solution of each patch as showcased in this bulletin under “Isolated Patch Details”.