Advertisement Banner
  • Home
  • News
  • Cyber News
  • Contact
No Result
View All Result
  • Home
  • News
  • Cyber News
  • Contact
No Result
View All Result
Wellnessnewshubb
No Result
View All Result
Home Cyber News

Exploitation attempts for Oracle E-Business Suite flaw observed after PoC releaseSecurity Affairs

admin by admin
February 3, 2023
in Cyber News


Threat actors started exploiting a critical Oracle E-Business Suite flaw, tracked as CVE-2022-21587, shortly after a PoC was published.

Shadowserver researchers warn that threat actors have started attempting to exploit critical Oracle E-Business Suite flaw (CVE-2022-21587) shortly after a PoC was published.

Since Jan 21st we are seeing exploitation attempts in our honeypot sensors for Oracle E-Business Suite CVE-2022-21587 (CVSS 9.8 RCE) shortly after a PoC was published. Advisory & patch was issued by Oracle in Oct 2022: https://t.co/QRDKaHEREU

NVD entry: https://t.co/wdbGuX5rTj

— Shadowserver (@Shadowserver) January 25, 2023

The E-Business Suite is a set of enterprise applications that allows organizations automate processes such as supply chain management (SCM), enterprise resource planning (ERP), and customer relationship management (CRM).

The vulnerability resides in the Web Applications Desktop Integrator of Oracle’s enterprise product and was addressed in October 2022.

An unauthenticated attacker can easily exploit the flaw via HTTP to take over Oracle Web Applications Desktop Integrator installs. The issue impacts versions 12.2.3-12.2.11.

“Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Web Applications Desktop Integrator. Successful attacks of this vulnerability can result in takeover of Oracle Web Applications Desktop Integrator.” reads the advisory.

Shadowserver reported to have observed first exploitation attempts on January 21, only five days after the cybersecurity firm Viettel Cyber Security released a PoC exploit code for this issue.

The researchers recommend to install the patch from Oracle to address the issue, however, if they cannot do it, that can use the firewall to block requests sent to the following URLs:

  • /OA_HTML/BneUploaderService
  • /OA_HTML/BneViewerXMLService
  • /OA_HTML/BneDownloadService
  • /OA_HTML/BneOfflineLOVService

US CISA added the CVE-2022-21587 flaw to its Known Exploited Vulnerabilities (KEV) catalog ordering federal agencies to fix it by February 23, 2023.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, CVE-2022-21587)



Share On






Source link

Previous Post

‘IMF Conditions Unimaginable, but will have to agree’ Pakistan in Economic Doldrums –

Next Post

Sri Lanka’s Flawed Path to Independence  – The Diplomat

Next Post

Sri Lanka’s Flawed Path to Independence  – The Diplomat

Recommended

Crypto tax rules are reducing government revenue: CoinDCX

2 months ago

Locals protest against NTPC, seek their withdrawal from state –

2 months ago

© 2022 Law Enforcement News Hubb All rights reserved.

Use of these names, logos, and brands does not imply endorsement unless specified. By using this site, you agree to the Privacy Policy and Terms & Conditions.

Navigate Site

  • Home
  • News
  • Cyber News
  • Contact

Newsletter Sign Up.

No Result
View All Result
  • Home
  • News
  • Cyber News
  • Contact

© 2022 Law Enforcement News Hubb All rights reserved.