CISA Alert: Oracle E-Business Suite and SugarCRM Vulnerabilities Under Attack

1 year ago AndyC

The
U.S.
Cybersecurity
and
Infrastructure
Security
Agency
(CISA)
on
February
2

added
two
security
flaws
to
its
Known
Exploited
Vulnerabilities
(KEV)
Catalog,
citing
evidence
of
active
exploitation.

CISA Alert: Oracle E-Business Suite and SugarCRM Vulnerabilities Under Attack

CISA Alert: Oracle E-Business Suite and SugarCRM Vulnerabilities Under Attack

The
U.S.
Cybersecurity
and
Infrastructure
Security
Agency
(CISA)
on
February
2

added
two
security
flaws
to
its
Known
Exploited
Vulnerabilities
(KEV)
Catalog,
citing
evidence
of
active
exploitation.

The
first
of
the
two
vulnerabilities
is

CVE-2022-21587
(CVSS
score:
9.8),
a
critical
issue
impacting
versions
12.2.3
to
12.2.11
of
the
Oracle
Web
Applications
Desktop
Integrator
product.

“Oracle
E-Business
Suite
contains
an
unspecified
vulnerability
that
allows
an
unauthenticated
attacker
with
network
access
via
HTTP
to
compromise
Oracle
Web
Applications
Desktop
Integrator,”
CISA

said.

The
issue
was
addressed
by
Oracle
as
part
of
its

Critical
Patch
Update
released
in
October
2022.
Not
much
is
known
about
the
nature
of
the
attacks
exploiting
the
vulnerability.

The
second
security
flaw
to
be
added
to
the
KEV
catalog
is

CVE-2023-22952
(CVSS
score:
8.8),
which
relates
to
a
case
of

missing
input
validation
in
SugarCRM
that
could
result
in
the
injection
of
arbitrary
PHP
code.
The
bug
has
been
fixed
in
SugarCRM
versions
11.0.5
and
12.0.2.

The
development
comes
a
week
after
CISA
also
added

CVE-2017-11357
(CVSS
score:
9.8),
a
severe
security
vulnerability
impacting
Telerik
UI
that
could
facilitate
arbitrary
file
uploads
or
remote
code
execution.

In
light
of
active
exploitation
attempts,
Federal
Civilian
Executive
Branch
(FCEB)
agencies
in
the
U.S.
are
required
to
apply
the
patches
by
February
23,
2023.

Found
this
article
interesting?
Follow
us
on

Twitter


and

LinkedIn
to
read
more
exclusive
content
we
post.

About Author

AndyC

Andy Curtis is an award-winning security consultant, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by state and federal government, leading healthcare and banking providers across three continents. He has given talks about computer security for some of the world’s largest companies, worked with law enforcement agencies on investigations into hacking groups, and is a regular voice on TV and radio explaining IT security threats.

See author's posts

More Stories

Kinsing Hacker Group Exploits More Flaws to Expand Botnet for Cryptojacking

Kinsing Hacker Group Exploits More Flaws to Expand Botnet for Cryptojacking

16 hours ago AndyC
New XM Cyber Research: 80% of Exposures from Misconfigurations, Less Than 1% from CVEs

New XM Cyber Research: 80% of Exposures from Misconfigurations, Less Than 1% from CVEs

22 hours ago AndyC
China-Linked Hackers Adopt Two-Stage Infection Tactic to Deploy Deuterbear RAT

China-Linked Hackers Adopt Two-Stage Infection Tactic to Deploy Deuterbear RAT

22 hours ago AndyC
Kimsuky APT Deploying Linux Backdoor Gomir in South Korean Cyber Attacks

Kimsuky APT Deploying Linux Backdoor Gomir in South Korean Cyber Attacks

22 hours ago AndyC
CISA Warns of Actively Exploited D-Link Router Vulnerabilities - Patch Now

CISA Warns of Actively Exploited D-Link Router Vulnerabilities – Patch Now

1 day ago AndyC
New Wi-Fi Vulnerability Enables Network Eavesdropping via Downgrade Attacks

New Wi-Fi Vulnerability Enables Network Eavesdropping via Downgrade Attacks

2 days ago AndyC

You may have missed

The who, where, and how of APT attacks – Week in security with Tony Anscombe

The who, where, and how of APT attacks – Week in security with Tony Anscombe

38 mins ago AndyC
Turla APT used two new backdoors to infiltrate a European ministry of foreign affairs

Turla APT used two new backdoors to infiltrate a European ministry of foreign affairs

10 hours ago AndyC

Friday Squid Blogging: Emotional Support Squid

10 hours ago AndyC

How to Protect Yourself on Social Networks

16 hours ago AndyC
Nissan reveals ransomware attack exposed 53,000 workers' social security numbers

Nissan reveals ransomware attack exposed 53,000 workers’ social security numbers

16 hours ago AndyC

Subscribe To InfoSec Today News

You have successfully subscribed to the newsletter

There was an error while trying to send your request. Please try again.

World Wide Crypto will use the information you provide on this form to be in touch with you and to provide updates and marketing.