Security News > 2022 > April > CISA Warns of Active Exploitation of Critical Spring4Shell Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency on Monday added the recently disclosed remote code execution vulnerability affecting the Spring Framework, to its Known Exploited Vulnerabilities Catalog based on "Evidence of active exploitation."
The critical severity flaw, assigned the identifier CVE-2022-22965 and dubbed "Spring4Shell", impacts Spring model-view-controller and Spring WebFlux applications running on Java Development Kit 9 and later.
Although exact details of in-the-wild abuse remain unclear, information security company SecurityScorecard said "Active scanning for this vulnerability has been observed coming from the usual suspects like Russian and Chinese IP space."
Cisco, which is actively investigating its line-up to determine which of them may be impacted by the vulnerability, confirmed that three of its products are affected -.
"A malicious actor with network access to an impacted VMware product may exploit this issue to gain full control of the target system," VMware said in the advisory.
Pursuant to the Binding Operational Directive issued by CISA in November 2021, Federal Civilian Executive Branch agencies are required to remediate the identified vulnerabilities by April 25, 2022.
News URL
https://thehackernews.com/2022/04/cisa-warns-of-active-exploitation-of.html
Related news
- Cisco fixes ClamAV vulnerability with available PoC and critical Meeting Management flaw (source)
- Zyxel CPE devices under attack via critical vulnerability without a patch (CVE-2024-40891) (source)
- CISA and FDA Warn of Critical Backdoor in Contec CMS8000 Patient Monitors (source)
- Microsoft Patches Critical Azure AI Face Service Vulnerability with CVSS 9.9 Score (source)
- CISA Warns of Active Exploits Targeting Trimble Cityworks Vulnerability (source)
- CISA Flags Craft CMS Vulnerability CVE-2025-23209 Amid Active Attacks (source)
- Elastic Releases Urgent Fix for Critical Kibana Vulnerability Enabling Remote Code Execution (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-01 | CVE-2022-22965 | Code Injection vulnerability in multiple products A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. | 9.8 |