ForgeRock AM Vulnerability Exploited in Attacks

Government agencies in the United States and Australia warn organizations that a vulnerability affecting ForgeRock Access Management has been exploited in the wild.
AM is based on the OpenAM open source solution, which ForgeRock sponsored until 2016.
The vulnerability discovered in ForgeRock AM, tracked as CVE-2021-35464 and rated critical, is a Java deserialization issue that can be exploited by an unauthenticated attacker for remote code execution by sending a specially crafted request to an exposed system.
Stepankin disclosed details of the vulnerability and shared proof-of-concept code in late June, when ForgeRock announced the availability of a patch and workarounds.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an alert on Monday, but it's unclear whether the agency has itself observed attacks or whether its warning is based on the alert from the Australian Cyber Security Centre (ACSC), which CISA references. ForgeRock noted that an attacker can exploit the vulnerability to execute code in the context of the current user (the account AM runs as), which is why it has advised organizations to ensure that AM is running with minimal privileges.
"The ForgeRock AM deployment should also have suitable firewall, or security groups attached which do not allow traffic in or out of the server where not explicitly required," the company said.
Related Vulnerability

| DATE | CVE | VULNERABILITY TITLE | RISK (CVSS score) |
|---|---|---|---|
| 2021-07-22 | CVE-2021-35464 | Deserialization of Untrusted Data vulnerability in ForgeRock AM and OpenAM: ForgeRock AM server before 7.0 has a Java deserialization vulnerability in the jato.pageSession parameter on multiple pages. | 9.8 |
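The table above names the parameter involved (jato.pageSession) and the root cause (Java deserialization of untrusted data). A defender triaging web server logs for attempts against an exposed AM instance can use that: a Java serialization stream always starts with the header bytes 0xACED0005, which base64-encodes to a value beginning with "rO0AB", so any request carrying a base64 blob with that prefix in jato.pageSession is worth a look. The script below is an added example written for this page, not code from the article, ForgeRock, or the researcher; the log lines, the page path "/openam/ExamplePage" and the serialized sample value are constructed placeholders, since the article does not list the affected pages.

```python
import base64
import re
from urllib.parse import quote, unquote, urlsplit

# Java serialization streams begin with STREAM_MAGIC/STREAM_VERSION 0xACED0005,
# which base64-encodes to a value starting with "rO0AB".
JAVA_SERIAL_MAGIC = b"\xac\xed\x00\x05"

# Common/combined log format: client, timestamp, "METHOD target PROTO", status, size.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+)[^"]*" (?P<status>\d{3}) \S+'
)


def looks_like_java_serialized(value: str) -> bool:
    """Return True if a query-string value base64-decodes to a Java serialization stream."""
    padded = value + "=" * (-len(value) % 4)           # tolerate stripped '=' padding
    try:
        raw = base64.b64decode(padded, validate=True)   # reject non-base64 junk outright
    except ValueError:                                  # binascii.Error is a ValueError
        return False
    return raw.startswith(JAVA_SERIAL_MAGIC)


def query_params(target: str) -> dict[str, list[str]]:
    """Split a request target's query string; unquote() rather than parse_qs() so a
    literal '+' (a base64 character) is not turned into a space."""
    params: dict[str, list[str]] = {}
    for pair in urlsplit(target).query.split("&"):
        if not pair:
            continue
        key, _, val = pair.partition("=")
        params.setdefault(unquote(key), []).append(unquote(val))
    return params


def scan_access_log(text: str, param: str = "jato.pageSession") -> list[dict]:
    """Flag requests whose `param` carries a base64-encoded Java serialized object."""
    hits = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue                                    # not a request line we understand
        for val in query_params(m["target"]).get(param, []):
            if looks_like_java_serialized(val):
                hits.append({
                    "ip": m["ip"],
                    "ts": m["ts"],
                    "path": urlsplit(m["target"]).path,
                    "status": m["status"],
                })
    return hits


# Constructed sample data (not from the article or any real deployment). The path
# "/openam/ExamplePage" is a placeholder; the serialized value is only a stream header
# followed by a class name, enough to exercise the check.
_SERIALIZED_SAMPLE = base64.b64encode(
    JAVA_SERIAL_MAGIC + b"sr\x00\x11java.util.HashMap"
).decode()
SAMPLE_LOG = (
    '203.0.113.10 - - [22/Jul/2021:10:00:01 +0000] "GET /openam/XUI/ HTTP/1.1" 200 512\n'
    '203.0.113.11 - - [22/Jul/2021:10:00:05 +0000] "GET /openam/ExamplePage'
    f'?jato.pageSession={quote(_SERIALIZED_SAMPLE, safe="")} HTTP/1.1" 500 0\n'
    '198.51.100.7 - - [22/Jul/2021:10:00:09 +0000] "GET /openam/ExamplePage'
    '?jato.pageSession=abc123 HTTP/1.1" 200 100\n'
)

if __name__ == "__main__":
    for hit in scan_access_log(SAMPLE_LOG):
        print(f'{hit["ts"]} {hit["ip"]} {hit["path"]} status={hit["status"]}')
```

Two caveats on using this for triage. Standard access logs only record the request line, so the check sees the parameter when it travels in the query string; the same parameter in a POST body is invisible here and has to be checked at a reverse proxy or WAF that logs bodies. And a flagged request is evidence of an attempt, not of success: a 500 response may simply be the server rejecting the stream, so the host still needs version (the table states AM before 7.0 is affected) and process-level review, in line with ForgeRock's advice on minimal privileges and restrictive firewall rules.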