Critical Vulnerability in Apache OFBiz Requires Immediate Patching
Organizations running Apache OFBiz have been urged to patch a critical vulnerability without delay, as attempts to exploit the recently disclosed flaw escalate.
Tracked as CVE-2024-38856, the vulnerability was disclosed over the weekend. Apache OFBiz developers confirmed versions through 18.12.14 are impacted and included a fix in version 18.12.15.
According to an advisory published by the project on Sunday, the issue stems from unauthenticated endpoints that can trigger the execution of screen-rendering code if specific preconditions are met.
These preconditions include cases where the screen definitions do not explicitly check user permissions, relying instead on the configuration of the endpoints that expose them. The project tracks the issue internally as OFBIZ-13128.
SonicWall threat researchers, who discovered the flaw, described it as a critical issue enabling unauthenticated remote code execution (RCE). They attributed the root cause to a flaw in the authentication mechanism, which allows an unauthenticated user to access functionalities meant for logged-in users, potentially leading to RCE.
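The flaw class described above is easy to model: a dispatcher whose only authentication gate is the per-endpoint configuration, rendering a screen that performs no permission check of its own, so that one endpoint marked as public exposes privileged content. The following Python is an added illustration of that pattern and of the hardened alternative (the screen enforces its own permission), not Apache OFBiz code; the endpoint table, screen names, role name and function names are assumptions made for the example.

```python
from dataclasses import dataclass
from typing import Optional


class PermissionDenied(Exception):
    """Raised when a caller may not reach a screen."""


@dataclass
class Request:
    endpoint: str
    user: Optional[str] = None              # None means unauthenticated
    roles: frozenset = frozenset()


# Hypothetical endpoint configuration (an assumption for this example): the
# 'auth' flag is the only thing deciding whether a login is required, which
# is the "configuration of the endpoints" the advisory text refers to.
ENDPOINTS = {
    "/control/viewReport":   {"screen": "ReportScreen", "auth": True},
    "/control/publicStatus": {"screen": "ReportScreen", "auth": False},  # misconfigured
}


def render_unchecked(screen: str, req: Request) -> str:
    """Vulnerable pattern: the screen trusts the dispatcher and renders
    privileged content without checking who is asking."""
    return f"{screen} rendered for {req.user or 'anonymous'}"


def render_checked(screen: str, req: Request, required: str = "ADMIN") -> str:
    """Hardened pattern: the screen definition carries its own permission
    check, so an endpoint misconfiguration cannot expose it."""
    if req.user is None or required not in req.roles:
        raise PermissionDenied(f"{screen} requires {required}")
    return f"{screen} rendered for {req.user}"


def dispatch(req: Request, renderer) -> str:
    """Route a request: enforce the endpoint's auth flag, then render."""
    entry = ENDPOINTS[req.endpoint]
    if entry["auth"] and req.user is None:
        raise PermissionDenied("login required")
    return renderer(entry["screen"], req)


def unauthenticated_exposure() -> dict:
    """Audit helper: map every screen reachable without a login to the
    endpoints that expose it, so misconfigurations stand out."""
    exposed = {}
    for path, entry in ENDPOINTS.items():
        if not entry["auth"]:
            exposed.setdefault(entry["screen"], []).append(path)
    return exposed


if __name__ == "__main__":
    anon = Request("/control/publicStatus")
    print("unchecked:", dispatch(anon, render_unchecked))
    try:
        dispatch(anon, render_checked)
    except PermissionDenied as exc:
        print("checked:", exc)
    print("exposed screens:", unauthenticated_exposure())
```

Run against the constructed table, the unchecked renderer serves the report screen to an anonymous caller through the public endpoint, while the checked renderer refuses it regardless of how the endpoint is configured; the audit helper lists the same screen as reachable without a login, which is the check to run over a real endpoint configuration.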
At the time of writing, SonicWall has not detected any attacks exploiting CVE-2024-38856. However, another recently discovered Apache OFBiz flaw, identified in May and tracked as CVE-2024-32113, appears to have been targeted by malicious actors.
This vulnerability, a path traversal bug, could also lead to remote command execution. The SANS Technology Institute’s Internet Storm Center reported increasing exploitation attempts of this flaw in late July.
There is evidence suggesting that attackers are experimenting with the new vulnerability, possibly integrating it into variants of the Mirai botnet. Apache OFBiz, a free framework for creating enterprise resource planning (ERP) applications, is used by several major companies, primarily in the US, India and Europe.
Users are strongly recommended to upgrade to version 18.12.15 to mitigate the newly identified threat.