Security News > 2020 > October > Critical Oracle WebLogic flaw actively targeted in attacks
Threat actors have started to hunt for servers running Oracle WebLogic instances vulnerable to a critical flaw that allows taking control of the system with little effort and no authentication.
Oracle fixed the vulnerability in this month's release of Critical Patch Update, crediting security researcher Voidfyoo of Chaitin Security Research Lab for finding and reporting it.
Honeypots set up by the SANS Technology Institute caught the attacks shortly after exploit code for CVE-2020-14882 emerged in the public space.
A search on Spyse engine for scanning and collecting reconnaissance information from exposed assets shows that there are more than 3,000 Oracle WebLogic servers reachable over the public internet and potentially vulnerable to CVE-2020-14882.
The attacks observed by SANS come a little over a week after Oracle released a patch for CVE-2020-14882.
News URL
Related news
- CISA tags critical Ivanti EPM flaws as actively exploited in attacks (source)
- Critical PHP RCE vulnerability mass exploited in new attacks (source)
- Critical RCE flaw in Apache Tomcat actively exploited in attacks (source)
- Critical GitHub Attack (source)
- Critical Cisco Smart Licensing Utility flaws now exploited in attacks (source)
- Ongoing Cyber Attacks Exploit Critical Vulnerabilities in Cisco Smart Licensing Utility (source)
- Critical auth bypass bug in CrushFTP now exploited in attacks (source)
- SAP fixes critical Netweaver flaw exploited in attacks (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-10-21 | CVE-2020-14882 | Unspecified vulnerability in Oracle Weblogic Server Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). | 0.0 |