![]() CVE-2023-46604 patch differencesīased on AMQ-9370, we are able to check the root cause of the vulnerability, which is an issue pertaining to the validation of throwable class types when OpenWire commands are unmarshalled. Users are recommended to upgrade both Java OpenWire brokers and clients to version 5.15.16, 5.16.7, 5.17.6, or 5.18.3, as any of these fixes the issue. Apache ActiveMQ Legacy OpenWire Module 5.8.0 before 5.15.16.Apache ActiveMQ Legacy OpenWire Module 5.16.0 before 5.16.7.Apache ActiveMQ Legacy OpenWire Module 5.17.0 before 5.17.6.Apache ActiveMQ Legacy OpenWire Module 5.18.0 before 5.18.3.The following list details affected Apache ActiveMQ versions that are vulnerable to CVE-2023-46604: Once Kinsing infects a system, it deploys a cryptocurrency-mining script that exploits the host's resources to mine cryptocurrencies like Bitcoin, resulting in significant damage to the infrastructure and a negative impact on system performance. Recently, the threat actors behind Kinsing have been exploiting high-profile vulnerabilities such as CVE-2023-4911 (Looney Tunables). ![]() It gains entry by exploiting vulnerabilities in web applications or misconfigured container environments. The Kinsing malware is a critical threat that primarily targets Linux-based systems and can infiltrate servers and spread rapidly across a network. It also includes additional features like STOMP, Jakarta Messaging (JMS), and OpenWire. ![]() Its main function is to send messages between different applications. ![]() The vulnerability itself is due to OpenWire commands failing to validate throwable class type, leading to RCE.ĪctiveMQ (written in Java) is an open-source protocol developed by Apache that implements message-oriented middleware (MOM). When exploited, this vulnerability leads to remote code execution (RCE), which Kinsing uses to download and install malware. ![]() We uncovered the active exploitation of the Apache ActiveMQ vulnerability CVE-2023-46604 to download and infect Linux systems with the Kinsing malware (also known as h2miner) and cryptocurrency miner. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |