Security News > 2021 > July > Critical RCE Vulnerability in ForgeRock OpenAM Under Active Attack
Attackers are actively exploiting a critical, pre-authorization remote-code execution vulnerability in the popular Access Management platform from digital identity management firm ForgeRock.
On Monday morning, the Cybersecurity and Infrastructure Security Agency warned that the vulnerability could enable attackers to execute commands in the context of the current user.
ForgeRock said in an updated security advisory that the flaw doesn't affect Access Management 7 and above.
Within hours of Stepankin's post on June 29, ForgeRock released a workaround and advisory to its customers to protect them from the vulnerability.
Even in solutions designed for authentication, you can find a big attack surface available without any auth.
Marcus Hartwig, manager of security analytics at cybersecurity firm Vectra, told Threatpost on Monday that identity and access management platforms like OpenAM are "Always ripe targets for attackers since they allow attackers to access multiple downstream applications federated with the solution."
News URL
https://threatpost.com/critical-vulnerability-rce-forgerock-openam/167679/
Related news
- Critical Zimbra RCE vulnerability under mass exploitation (CVE-2024-45519) (source)
- Critical Ivanti RCE flaw with public exploit now used in attacks (source)
- Week in review: Critical Zimbra RCE vulnerability exploited, Patch Tuesday forecast (source)
- CISA says critical Fortinet RCE flaw now exploited in attacks (source)
- VMware Releases vCenter Server Update to Fix Critical RCE Vulnerability (source)
- FortiManager critical vulnerability under active attack (source)
- Critical Veeam RCE bug now used in Frag ransomware attacks (source)
- Palo Alto Networks warns of critical RCE zero-day exploited in attacks (source)
- Critical RCE bug in VMware vCenter Server now exploited in attacks (source)
- Critical Flaws in Tank Gauge Systems Expose Gas Stations to Remote Attacks (source)