Critical RCE Vulnerability in ForgeRock OpenAM Under Active Attack (Security News, July 2021)

Attackers are actively exploiting a critical, pre-authorization remote code execution vulnerability in the popular Access Management platform from digital identity management firm ForgeRock.
On Monday morning, the Cybersecurity and Infrastructure Security Agency warned that the vulnerability could enable attackers to execute commands in the context of the current user.
ForgeRock said in an updated security advisory that the flaw doesn't affect Access Management 7 and above.
Within hours of Stepankin's post on June 29, ForgeRock released a workaround and advisory to its customers to protect them from the vulnerability.
Even in solutions designed for authentication, you can find a big attack surface available without any auth.
Marcus Hartwig, manager of security analytics at cybersecurity firm Vectra, told Threatpost on Monday that identity and access management platforms like OpenAM are "always ripe targets for attackers since they allow attackers to access multiple downstream applications federated with the solution."
News URL: https://threatpost.com/critical-vulnerability-rce-forgerock-openam/167679/