Apache ActiveMQ Remote Code Execution Vulnerability

Read Time:45 Second

What is the Attack?

Ransomware attackers are targeting servers running outdated and vulnerable versions of Apache ActiveMQ by exploiting a recently fixed vulnerability (CVE-2023-46604). CVE-2023-46604 is an unauthenticated deserialization vulnerability in ActiveMQ’s OpenWire transport connector. Successful exploitation allows an attacker to execute arbitrary code with the same privileges of the ActiveMQ server.

What is the Vendor Solution?

Apache has released the patches to address CVE-2023-46604 and can be found here.

What FortiGuard Coverage is available?

FortiGuard Labs has released an Endpoint Vulnerability Signature “Apache ActiveMQ CVE-2023-46604 Remote Code Execution Vulnerability” to detect any vulnerable systems on customers network and is currently investigating an IPS protection for the CVE-2023-46604 and will update once available.

If you are unable to patch the Apache ActiveMQ systems, you should immediately block the systems from being accessible from the Internet, which will limit the attack surface.

The AI Fix #30: ChatGPT reveals the devastating truth about Santa (Merry Christmas!)

US and Japan Blame North Korea for $308m Crypto Heist

Spyware Maker NSO Group Found Liable for Hacking WhatsApp

Spyware Maker NSO Group Liable for WhatsApp User Hacks

Major Biometric Data Farming Operation Uncovered

Ransomware Attack Exposes Data of 5.6 Million Ascension Patients

Critical Vulnerabilities Found in WordPress Plugins WPLMS and VibeBP

Criminal Complaint against LockBit Ransomware Writer

Cryptomining Malware Found in Popular Open Source Packages

Apache ActiveMQ Remote Code Execution Vulnerability

DSA-5835-1 webkit2gtk – security update

openjpeg2-2.5.3-1.fc40

libxml2-2.12.9-1.fc40

libxml2-2.12.9-1.fc41

iwd-3.3-1.fc40 libell-0.71-1.fc40

iwd-3.3-1.fc41 libell-0.71-1.fc41