KnownSec – WindowsTechs.com

Another Oracle WebLogic Server RCE under active exploitation

Posted on June 19, 2019 by Zeljka Zorz

Oracle has released an out-of-band fix for CVE-2019-2729, a critical deserialization vulnerability in a number of versions of Oracle WebLogic Server, and is urging customers to apply the security update as soon as possible. Speed is of the essence as, … Continue reading Another Oracle WebLogic Server RCE under active exploitation→

Researchers flag new Oracle WebLogic zero-day RCE flaw

Posted on April 25, 2019 by Zeljka Zorz

Attackers looking to compromise Oracle WebLogic servers for their own needs have a new zero-day RCE flaw at their disposal. “Oracle WebLogic wls9_async and wls-wsat components trigger deserialization remote command execution vulnerability. This v… Continue reading Researchers flag new Oracle WebLogic zero-day RCE flaw→