CISA Warns of Active Exploitation of Critical Spring4Shell Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added the recently disclosed remote code execution vulnerability affecting the Spring Framework to its Known Exploited Vulnerabilities Catalog, citing "evidence of active exploitation."
The critical severity flaw, assigned the identifier CVE-2022-22965 and dubbed "Spring4Shell", impacts Spring model-view-controller and Spring WebFlux applications running on Java Development Kit 9 and later.
Although exact details of in-the-wild abuse remain unclear, information security company SecurityScorecard said "Active scanning for this vulnerability has been observed coming from the usual suspects like Russian and Chinese IP space."
Cisco, which is actively investigating its product line-up to determine which products may be impacted by the vulnerability, confirmed that three of its products are affected.
"A malicious actor with network access to an impacted VMware product may exploit this issue to gain full control of the target system," VMware said in the advisory.
Pursuant to the Binding Operational Directive issued by CISA in November 2021, Federal Civilian Executive Branch agencies are required to remediate the identified vulnerabilities by April 25, 2022.
News URL
https://thehackernews.com/2022/04/cisa-warns-of-active-exploitation-of.html
Related news
- CISA Alerts to Active Exploitation of Critical Palo Alto Networks Vulnerability
- FortiManager critical vulnerability under active attack
- Fortinet Warns of Critical Vulnerability in FortiManager Under Active Exploitation
- Hackers target critical zero-day vulnerability in PTZ cameras
- Cisco Releases Patch for Critical URWB Vulnerability in Industrial Wireless Systems
- Critical vulnerability in Cisco industrial wireless access points fixed (CVE-2024-20418)
- CISA warns of critical Palo Alto Networks bug exploited in attacks
- Urgent: Critical WordPress Plugin Vulnerability Exposes Over 4 Million Sites
- CISA Urges Agencies to Patch Critical "Array Networks" Flaw Amid Active Attacks
- Critical SailPoint IdentityIQ Vulnerability Exposes Files to Unauthorized Access
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
|---|---|---|---|---|
| 2022-04-01 | CVE-2022-22965 | Code Injection vulnerability in multiple products | A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. | 9.8 |