Security News > 2021 > July > Critical RCE Vulnerability in ForgeRock OpenAM Under Active Attack
Attackers are actively exploiting a critical, pre-authorization remote-code execution vulnerability in the popular Access Management platform from digital identity management firm ForgeRock.
On Monday morning, the Cybersecurity and Infrastructure Security Agency warned that the vulnerability could enable attackers to execute commands in the context of the current user.
ForgeRock said in an updated security advisory that the flaw doesn't affect Access Management 7 and above.
Within hours of Stepankin's post on June 29, ForgeRock released a workaround and advisory to its customers to protect them from the vulnerability.
Even in solutions designed for authentication, you can find a big attack surface available without any auth.
Marcus Hartwig, manager of security analytics at cybersecurity firm Vectra, told Threatpost on Monday that identity and access management platforms like OpenAM are "Always ripe targets for attackers since they allow attackers to access multiple downstream applications federated with the solution."
News URL
https://threatpost.com/critical-vulnerability-rce-forgerock-openam/167679/
Related news
- Apache Tomcat Vulnerability CVE-2024-56337 Exposes Servers to RCE Attacks (source)
- Hackers exploit critical Aviatrix Controller RCE flaw in attacks (source)
- Critical SimpleHelp Flaws Allow File Theft, Privilege Escalation, and RCE Attacks (source)
- Zyxel CPE devices under attack via critical vulnerability without a patch (CVE-2024-40891) (source)
- New Cleo zero-day RCE flaw exploited in data theft attacks (source)
- Apache issues patches for critical Struts 2 RCE bug (source)
- Cleo patches critical zero-day exploited in data theft attacks (source)
- New IOCONTROL malware used in critical infrastructure attacks (source)
- Critical OpenWrt Vulnerability Exposes Devices to Malicious Firmware Injection (source)
- CISA confirms critical Cleo bug exploitation in ransomware attacks (source)