The Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal civilian agencies on Thursday to patch a critical Sophos firewall bug and seven other vulnerabilities within the next three weeks, all exploited in ongoing attacks. […]
Currently browsing: Technology
VU#970766: Spring Framework insecurely handles PropertyDescriptor objects with data binding
Overview
The Spring Framework insecurely handles PropertyDescriptor objects, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system.
Description
The Spring Framework is a Java framework that can be used to create applications such as web applications. Due to improper handling of PropertyDescriptor objects used with data binding, Java applications written with Spring may allow for the execution of arbitrary code.
Exploit code that targets affected WAR-packaged Java code for tomcat servers is publicly available.
NCSC-NL has a list of products and their statuses with respect to this vulnerability.
Impact
By providing crafted data to a Spring Java application, such as a web application, an attacker may be able to execute arbitrary code with the privileges of the affected application. Depending on the application, exploitation may be possible by a remote attacker without requiring authentication.
Solution
Apply an update
This issue is addressed in Spring Framework 5.3.18 and 5.2.20. Please see the Spring Framework RCE Early Announcement for more details.
Acknowledgements
This issue was publicly disclosed by heige.
This document was written by Will Dormann
Microsoft Exchange targeted for IcedID reply-chain hijacking attacks
The distribution of the IcedID malware has returned to notable numbers thanks to a new campaign that hijacks existing email conversations threads and injects payloads that are hard to spot as malicious. […]
Russia facing internet outages due to equipment shortage
The Commission for Communications and IT at “PCΠΠ”, the country’s largest entrepreneurship union, has warned about the rising threat of extensive service outages due to a lack of telecom equipment. […]
US says Kaspersky poses unacceptable risk to national security
The Federal Communications Commission (FCC) added Russian cybersecurity firm Kaspersky to its Covered List, saying it poses unacceptable risks to U.S. national security. […]
Critical Sophos Firewall vulnerability allows remote code execution
Sophos has fixed a critical vulnerability in its Sophos Firewall product that allows remote code execution. Tracked as CVE-2022-1040, the authentication bypass vulnerability exists in the User Portal and Webadmin areas of Sophos Firewall. […]
Microsoft: Recent Windows Server updates cause DNS issues
Microsoft has addressed a new known issue causing DNS stub zones loading failures that could lead to DNS resolution issues on Windows Server 2019 systems. […]
5 Types of Remote Access Hacking Exploited During COVID-19
With the rise of a remote working population, “remote hackers” have been re-emerging as well. These remote hackers take advantage […]
Wormhole cryptotrading company turns over $340,000,000 to criminals
This week, cryptocurrency company Wormhole lived up to its name by exposing an exploitable vulnerability that apparently allowed cybercriminals to run off with an eye-watering 120,000 Ether tokens.
Elementor WordPress plugin has a gaping security hole – update now
If you run a WordPress site and you use the Elementor website creation toolkit, you could be at risk of a security hole that combines data leakage and remote code execution.
Recent Posts
-
VU#473698: uClibc, uClibc-ng libraries have monotonically increasing DNS transaction ID
-
VU#730007: Tychon is vulnerable to privilege escalation due to OPENSSLDIR location
-
VU#411271: Qt allows for privilege escalation due to hard-coding of qt_prfxpath value
-
CISA orders agencies to fix actively exploited VMware, Chrome bugs -
Microsoft: Office 2013 will reach end of support in April 2023