ColdFusion versions ColdFusion 2016, and ColdFusion 2018 have a dll search-order hijacking vulnerability. Successful exploitation could lead to privilege escalation.Referenceshttps://helpx.adobe.com/security/products/coldfusion/apsb20-18.html
