IBM has disclosed a vulnerability in IBM SDK, Java Technology Edition that allows a remote attacker to execute arbitrary code on the affected system through unsafe deserialization.
The flaw lies in the SDK's Object Request Broker (ORB) component and has been assigned CVE-2022-40609.
The ORB is the CORBA middleware component that lets a program invoke methods on objects hosted on other machines over the network, in the manner of a remote procedure call (RPC), while hiding where those objects actually reside (location transparency). Because an ORB receives and deserializes object data from remote peers, untrusted input reaches the deserialization path directly.
A remote attacker can exploit the flaw by sending specially crafted data to a service that uses the vulnerable ORB, resulting in arbitrary code execution. The vulnerability carries a CVSS base score of 8.1 (High).
Affected Product(s) | Version(s) | Fixed in Version |
IBM SDK, Java Technology Edition | 7.1.5.18 and earlier | 7.1.5.19 |
IBM SDK, Java Technology Edition | 8.0.8.0 and earlier | 8.0.8.5 |
In other words, the 7.1 stream is fixed from 7.1.5.19 and the 8.0 stream from 8.0.8.5, which is also the version check the Nessus plugin performs.
The vulnerability is classified in the Common Weakness Enumeration (CWE) as CWE-502: Deserialization of Untrusted Data.
In response, Red Hat has released patches for the IBM Java packages it ships in Red Hat Enterprise Linux 7 Supplementary and Red Hat Enterprise Linux 8.
Red Hat Enterprise Linux 7 with java-1.7.1-ibm is out of support scope under Red Hat's support policy, as stated in its advisory, so no fixed package is provided for that combination.
Tenable has also released Nessus plugins that detect this vulnerability:
ID | Name | Product | Family | Severity |
179134 | IBM Java 7.1 < 7.1.5.19 / 8.0 < 8.0.8.5 | Nessus | Misc | CRITICAL |
179054 | RHEL 7 : java-1.8.0-ibm (RHSA-2023:4160) | Nessus | Red Hat Local Security Checks | HIGH |
Users of these products should upgrade to the fixed versions listed above (or apply the corresponding Red Hat errata) to prevent exploitation.
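The following is an added example, not code from IBM, Red Hat or Tenable: a small local check that reads the four-part build number from an IBM SDK `java -version` banner and compares it against the fixed builds named on this page (7.1.5.19 for the 7.1 stream, 8.0.8.5 for the 8.0 stream). It assumes the banner contains a dotted build number such as `8.0.8.0` (IBM prints it on stderr); the sample banners in `SAMPLE_BANNERS` are constructed for illustration, and the parser relies only on that build number, so the rest of a real banner may differ. The `java` binary name is an assumption you may need to point at a specific JDK path.

```python
"""Local check for CVE-2022-40609 exposure in IBM SDK, Java Technology Edition.

Added example; fixed build numbers come from the advisory table above.
"""
import re
import subprocess
from typing import Dict, Optional, Tuple

Version = Tuple[int, ...]

# First fixed build per release stream, keyed by (major, minor).
FIXED_VERSIONS: Dict[Tuple[int, int], Version] = {
    (7, 1): (7, 1, 5, 19),
    (8, 0): (8, 0, 8, 5),
}

# Matches dotted four-part build numbers such as 8.0.8.0. The "1.8.0_371"
# style Java version on the first banner line has an underscore in the
# fourth position, so it deliberately does not match.
VERSION_RE = re.compile(r"\b(\d+)\.(\d+)\.(\d+)\.(\d+)\b")


def parse_version(banner: str) -> Optional[Version]:
    """Return the first four-part build number that belongs to a stream
    covered by the advisory (7.1 or 8.0), or None if none is present."""
    for m in VERSION_RE.finditer(banner):
        version = tuple(int(part) for part in m.groups())
        if version[:2] in FIXED_VERSIONS:
            return version
    return None


def is_affected(version: Version) -> Optional[bool]:
    """True if the build predates the fix, False if it is at or past the
    fixed build, None if the stream is not one the advisory covers."""
    fixed = FIXED_VERSIONS.get(tuple(version[:2]))
    if fixed is None:
        return None
    # Tuple comparison orders field by field, so 8.0.8.0 < 8.0.8.5 and
    # 7.1.5.18 < 7.1.5.19, while 7.1.5.19 itself is not affected.
    return version < fixed


def assess_banner(banner: str) -> Tuple[Optional[Version], str]:
    """Classify a `java -version` banner as 'affected', 'fixed' or 'unknown'."""
    version = parse_version(banner)
    if version is None:
        return None, "unknown"
    return version, "affected" if is_affected(version) else "fixed"


def check_installed_java(java: str = "java") -> Tuple[Optional[Version], str]:
    """Run `java -version` on this host and assess the banner. IBM prints the
    banner on stderr, so both streams are combined before parsing."""
    try:
        proc = subprocess.run([java, "-version"], capture_output=True, text=True)
    except FileNotFoundError:
        return None, "unknown"
    return assess_banner(proc.stderr + proc.stdout)


# Constructed sample banners (not captured from real installations).
SAMPLE_BANNERS = {
    "sdk8_unpatched": (
        'java version "1.8.0_371"\n'
        "Java(TM) SE Runtime Environment (build 8.0.8.0 - pxa6480sr8(SR8))\n"
        "IBM J9 VM (build 2.9, JRE 1.8.0 Linux amd64-64-Bit Compressed References)"
    ),
    "sdk8_patched": "Java(TM) SE Runtime Environment (build 8.0.8.5 - pxa6480sr8fp5)",
    "sdk7_unpatched": "Java(TM) SE Runtime Environment (build 7.1.5.18 - pxa6470sr5fp18)",
    "openjdk17": 'openjdk version "17.0.8" 2023-07-18',
}


if __name__ == "__main__":
    for name, banner in SAMPLE_BANNERS.items():
        print(f"{name:15s} -> {assess_banner(banner)}")
    print("installed       ->", check_installed_java())
```

A result of `unknown` means the banner did not carry a 7.1 or 8.0 build number, which covers both non-IBM JDKs and a `java` binary that is not on the path; on RHEL the same comparison can be applied to the `java-1.8.0-ibm` package version, but the check here is deliberately limited to what the page states.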