Critical RCE Vulnerability in Magento, Apply the Security Patch ASAP

Is based your online store in Magento? If that’s so, there is a big chance that your online store can be compromised due to this vulnerability published by Check Point.

This is a critical RCE (remote control execution) vulnerability, that allows attackers to access all the data in your online store. It has been estimated than nearly 200.000 online stores can be compromised due to this vulnerability.

According to Check Point, the vulnerability was communicated directly to eBay before the public announcement. That allowed Magento to prepare and release a security patch resolving this vulnerability on February the 9th [SUPEE-5344, available here].

We have talked to several of our Magento partners such as Interactiv4, Onestic, eCommbits or Oscar Reales and they have confirmed that they have applied the security patch to all the online stores that they manage. If you are not sure if your Magento development company has applied this security patch, contact them asap.

If you want more detailed information about this vulnerability, check the post Check Point has published giving more details about the attack.

Subscribe to our mailing list

Our Personalization Solution

Want to increase conversions and sales of your eCommerce Website? Discover our 360º eCommerce Personalization Solution and Try it for Free!

Post your thoughts