
CISA Warns of Active Exploitation of Critical Spring4Shell Vulnerability
2022-04-05 20:27

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added the recently disclosed remote code execution vulnerability in the Spring Framework to its Known Exploited Vulnerabilities (KEV) Catalog, citing "Evidence of active exploitation."

The critical-severity flaw, assigned the identifier CVE-2022-22965 and dubbed "Spring4Shell", impacts Spring MVC (model-view-controller) and Spring WebFlux applications running on Java Development Kit (JDK) 9 and later. The exploit that was public at the time of disclosure additionally required the application to be deployed as a WAR on Apache Tomcat, although the Spring maintainers cautioned that other exploitation paths might exist; Spring Framework 5.3.18 and 5.2.20 contain the fix.
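To make the "remote code execution via data binding" wording concrete, the following Java example (added here; it is not code from the article, from CISA or from VMware) shows the shape of an endpoint that is exposed on an affected Spring version, together with the global binder hardening that VMware published as a temporary workaround. The class and field names (Greeting, GreetingController, BinderHardening) are hypothetical; the deny patterns are the ones from the vendor workaround.

```java
// Added example, not code from the original page. Class and field names are
// hypothetical. In a real project each top-level class would live in its own file;
// they are shown together here so the vulnerable shape and the hardening sit side by side.
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.WebDataBinder;
import org.springframework.web.bind.annotation.ControllerAdvice;
import org.springframework.web.bind.annotation.InitBinder;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.ResponseBody;

// Plain form-backing bean. Its own fields are irrelevant to the bug: the exposure
// comes from Spring's data binder resolving nested property paths on the bean, which
// on JDK 9+ can reach getClass() and the Module / ClassLoader object graph behind it.
class Greeting {
    private String name;
    public String getName() { return name; }
    public void setName(String name) { this.name = name; }
}

// Vulnerable shape: request parameters are bound straight onto the bean (implicit
// @ModelAttribute). With no allowed/disallowed field list, a parameter named like
// "class.module.classLoader...." is treated as a nested property path by the binder.
// On Spring Framework < 5.3.18 / 5.2.20, JDK 9+, deployed as a WAR on Tomcat, that is
// the precondition for CVE-2022-22965.
@Controller
class GreetingController {
    @PostMapping("/greet")
    @ResponseBody
    public String greet(Greeting greeting) {
        return "Hello, " + greeting.getName();
    }
}

// Hardening: a global @InitBinder that applies the deny patterns from VMware's
// workaround, blocking "class"/"Class" and any nested ".class"/".Class" path.
// This is a mitigation only; the fix is upgrading Spring Framework to 5.3.18 / 5.2.20
// or later. Caveat from the vendor workaround: a controller that declares its own
// @InitBinder and calls setDisallowedFields itself overrides this global list, so
// each controller's binder configuration has to be checked as well.
@ControllerAdvice
public class BinderHardening {
    @InitBinder
    public void denyClassLoaderPaths(WebDataBinder binder) {
        String[] denylist = {"class.*", "Class.*", "*.class.*", "*.Class.*"};
        binder.setDisallowedFields(denylist);
    }
}
```

setDisallowedFields replaces the binder's deny list rather than appending to it, which is why a controller-local @InitBinder can silently undo the global one; when auditing an application for this workaround, grep for every @InitBinder method, not only the @ControllerAdvice.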

Although exact details of in-the-wild abuse remain unclear, information security company SecurityScorecard said "Active scanning for this vulnerability has been observed coming from the usual suspects like Russian and Chinese IP space."

Cisco, which is still reviewing its product line-up to determine which products may be impacted by the vulnerability, confirmed that three of its products are affected.

"A malicious actor with network access to an impacted VMware product may exploit this issue to gain full control of the target system," VMware said in its advisory.

Pursuant to the Binding Operational Directive (BOD 22-01) issued by CISA in November 2021, Federal Civilian Executive Branch agencies are required to remediate the identified vulnerability by April 25, 2022.


News URL

https://thehackernews.com/2022/04/cisa-warns-of-active-exploitation-of.html

Related Vulnerability

Date: 2022-04-01
CVE: CVE-2022-22965
Title: Code Injection vulnerability in multiple products
Description: A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding.
Attack vector: network, low complexity
Affected vendors: VMware, Cisco, Oracle, Siemens, Veritas
Weakness: CWE-94 (Improper Control of Generation of Code, "Code Injection")
Risk: critical (CVSS 9.8)