Security News > 2020 > October > Critical Oracle WebLogic flaw actively targeted in attacks
Threat actors have started to hunt for servers running Oracle WebLogic instances vulnerable to a critical flaw that allows taking control of the system with little effort and no authentication.
Oracle fixed the vulnerability in this month's release of Critical Patch Update, crediting security researcher Voidfyoo of Chaitin Security Research Lab for finding and reporting it.
Honeypots set up by the SANS Technology Institute caught the attacks shortly after exploit code for CVE-2020-14882 emerged in the public space.
A search on Spyse engine for scanning and collecting reconnaissance information from exposed assets shows that there are more than 3,000 Oracle WebLogic servers reachable over the public internet and potentially vulnerable to CVE-2020-14882.
The attacks observed by SANS come a little over a week after Oracle released a patch for CVE-2020-14882.
News URL
Related news
- Oracle WebLogic Server OS Command Injection Flaw Under Active Attack (source)
- London hospitals left in critical condition after ransomware attack (source)
- 7-year-old Oracle WebLogic bug under active exploitation (source)
- 8220 Gang Exploits Oracle WebLogic Server Flaws for Cryptocurrency Mining (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-10-21 | CVE-2020-14882 | Unspecified vulnerability in Oracle Weblogic Server Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). | 10.0 |