Latest Security Update from Oracle Weblogic

If you haven’t already read about it, Oracle has released its Critical Patch Update for April 2019 to address 297 vulnerabilities across multiple products on April 16, 2019.

On Friday, April 26, 2019, Oracle released an important fix (what they refer to as an “overlay”) for Oracle WebLogic Server component of Oracle Fusion Middleware. Supported versions that are affected are 10.3.6.0.0 and 12.1.3.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. This is not to be confused by the update that came out in 2018. This is a net-new vulnerability and patch. This is identified by CVE-2019-2725. Was just listening to the SANS ISC StormCast (April 29, 2019) this morning and they made mention of it. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The exploit has been confirmed as The Storm Center has noted that their honeypot has seen exploitation using this bug and successful install of cryptocoin miners.

Download the latest exploit code – https://www.exploit-db.com/exploits/46450

Here is the ISC’s write-up of the vulnerability – https://isc.sans.edu/forums/diary/Update+about+Weblogic+CVE20192725+Exploits+Used+in+the+Wild+Patch+Status/24890/

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.