Security News > 2021 > December > Researchers release 'vaccine' for critical Log4Shell vulnerability
Researchers from cybersecurity firm Cybereason has released a "Vaccine" that can be used to remotely mitigate the critical 'Log4Shell' Apache Log4j code execution vulnerability running rampant through the Internet.
Early this morning, researchers released a proof-of-concept exploit for a zero-day remote code execution vulnerability in Apache Log4j tracked as CVE-2021-44228 and dubbed 'Log4Shell.
While Apache quickly released Log4j 2.15.0 to resolve the vulnerability, the vulnerability is trivial to exploit, and cybersecurity firms and researchers quickly saw attackers scan and attempt to compromise vulnerable devices.
Friday evening, cybersecurity firm Cybereason released a script, or "Vaccine," that exploits the vulnerability to turn off a setting in remote, vulnerable Log4Shell instance.
Basically, the vaccine fixes the vulnerability by exploiting the vulnerable server.
There is also concern that security researchers may use the vulnerability to remotely fix servers, even though doing something like this is considered illegal.
News URL
Related news
- GitLab warns of critical pipeline execution vulnerability (source)
- SolarWinds Issues Patch for Critical ARM Vulnerability Enabling RCE Attacks (source)
- Critical Ivanti Cloud Appliance Vulnerability Exploited in Active Cyberattacks (source)
- CISA Flags Critical Ivanti vTM Vulnerability Amid Active Exploitation Concerns (source)
- PoC for critical SolarWinds Web Help Desk vulnerability released (CVE-2024-28987) (source)
- Critical NVIDIA Container Toolkit Vulnerability Could Grant Full Host Access to Attackers (source)
- Researchers Warn of Ongoing Attacks Exploiting Critical Zimbra Postjournal Flaw (source)
- Critical Zimbra RCE vulnerability under mass exploitation (CVE-2024-45519) (source)
- Apple Releases Critical iOS and iPadOS Updates to Fix VoiceOver Password Vulnerability (source)
- Week in review: Critical Zimbra RCE vulnerability exploited, Patch Tuesday forecast (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-10 | CVE-2021-44228 | Deserialization of Untrusted Data vulnerability in multiple products Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. network low complexity apache siemens intel debian fedoraproject sonicwall netapp cisco snowsoftware bentley percussion apple CWE-502 critical | 10.0 |