CISA Mentions Actively Exploited Critical Oracle Fusion Middleware Vulnerability

On Monday, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced the addition of two known exploited vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, including one that impacts Oracle Fusion Middleware, citing evidence of active exploitation.

The vulnerability, tracked as CVE-2021-35587, carries a CVSS score of 9.8 and impacts Oracle Access Manager (OAM) versions 11.1.2.3.0, 12.2.1.63, and 12.2.1.4993 or earlier when the product is running in legacy mode on Windows operating systems with an LSA Protection Level configured to ‘None’.

Successful exploitation of the remote command execution vulnerability can allow an unauthenticated attacker with network access to completely compromise and take over Access Manager instances.

Vietnamese security researcher Nguyen Jang (Janggggg), who reported the bug along with peterjson, said earlier in March: “It may give the attacker access to OAM server, to create any user with any privileges, or just get code execution in the victim’s server.” Oracle addressed this issue in January 2022 as part of its Critical Patch Update.

Additional details about the nature of the attacks and their scale are not yet clear. Data from threat intelligence company GreyNoise shows that ongoing attempts to weaponize the flaw have been originating from the U.S., China, Germany, Singapore, and Canada.

CISA has also added a recently patched heap buffer overflow flaw in the Google Chrome web browser (CVE-2022-4135) to its KEV catalog, a flaw that Google has acknowledged is being exploited in the wild.

Federal agencies are required to apply the vendor patches by December 19th, 2022 to help protect their networks from potential threats.
