Recently, a vulnerability in Oracle's E-Business Suite was identified and patched as part of Oracle's October 2022 Critical Patch Update. This vulnerability, tracked as CVE-2022-21587, is a security defect in the Web Applications Desktop Integrator that can be exploited by unauthenticated attackers with network access via HTTP. After a proof-of-concept code was published, exploitation attempts were observed by Shadowserver on January 21st. CISA has added CVE-2022-21587 to its Known Exploited Vulnerabilities catalog and urged Oracle customers to apply the available patches as soon as possible. Additionally, CISA has warned of observed exploitation of CVE-2023-22952, a high-severity remote code execution flaw in SugarCRM. This vulnerability, which impacts the EmailTemplates, is a missing input validation defect that allows an attacker to inject custom PHP code using crafted requests. Patches for this vulnerability were released on January 11, 2023 and shortly after exploitation began, Censys reported seeing hundreds of SugarCRM servers being hacked.
It has been observed that shortly after a proof-of-concept code was published for a critical-severity Oracle E-Business Suite vulnerability, exploitation attempts have been made. This vulnerability, tracked as CVE-2022-21587, is a security defect in the Web Applications Desktop Integrator that can be exploited by unauthenticated attackers with network access via HTTP. CISA has added this vulnerability to its Known Exploited Vulnerabilities catalog and urged Oracle customers to apply the available patches as soon as possible. Additionally, CISA has warned of observed exploitation of CVE-2023-22952, a high-severity remote code execution flaw in SugarCRM. This vulnerability, which impacts the EmailTemplates, is a missing input validation defect that allows an attacker to inject custom PHP code using crafted requests. Patches for this vulnerability were released on January 11, 2023 and shortly after exploitation began, Censys reported seeing hundreds of SugarCRM servers being hacked.
This Cyber News was published on www.securityweek.com. Publication date: Fri, 03 Feb 2023 16:55:03 +0000