Security advisories

Critical Oracle Remote Code Execution Vulnerability

October 28, 2020 | 1 MIN READ

Speak With A Security Expert Now

TALK TO AN EXPERT

THE THREAT

Technical details of the Oracle Remote Code Execution (RCE) vulnerability CVE-2020-14882 were publicly released on October 28, 2020 [1]. This vulnerability affects multiple versions of the Oracle WebLogic Server. Exploitation of CVE-2020-14882 is considered trivial and can result in the full takeover of vulnerable Oracle WebLogic Servers.

eSentire assesses with high confidence that public exploitation of CVE-2020-14882 by threat actors is imminent. Organizations are strongly recommended to apply the official security patches as soon as possible.

What we’re doing about it

What you should do about it

Additional information

CVE-2020-14882 received a base criticality rating of 9.8 out of 10.

The vulnerability resides in the Oracle WebLogic Server product of Oracle Fusion Middleware. In order to exploit CVE-2020-14882, a threat actor requires network access via HTTP. Exploitation is achieved via a malicious POST request.

In the October Oracle patch on October 21st, multiple other critical vulnerabilities were released. Other vulnerabilities of specific note include CVE-2020-14841, CVE-2020-14825, and CVE-202014859. Organizations are recommended to ensure that all Oracle systems are up to date with the most recent security updates.

Affected Oracle Versions:

References:

[1] https://testbnull.medium.com/weblogic-rce-by-only-one-get-request-cve-2020-14882-analysis-6e4b09981dbf

[2] https://www.oracle.com/security-alerts/cpuoct2020.html;

View Most Recent Advisories