
CISA Alert: Oracle E-Business Suite and SugarCRM Vulnerabilities Under Attack

Feb 03, 2023 | Ravie Lakshmanan | Vulnerability Management


The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on February 2 added two security flaws to its Known Exploited Vulnerabilities (KEV) Catalog, citing evidence of active exploitation.

The first of the two vulnerabilities is CVE-2022-21587 (CVSS score: 9.8), a critical issue impacting versions 12.2.3 to 12.2.11 of the Oracle Web Applications Desktop Integrator product.

“Oracle E-Business Suite contains an unspecified vulnerability that allows an unauthenticated attacker with network access via HTTP to compromise Oracle Web Applications Desktop Integrator,” CISA said.

The issue was addressed by Oracle as part of its Critical Patch Update released in October 2022. Not much is known about the nature of the attacks exploiting the vulnerability, but the development follows the publication of a proof-of-concept (PoC) by cybersecurity firm Viettel on January 16, 2023.

The second security flaw to be added to the KEV catalog is CVE-2023-22952 (CVSS score: 8.8), which relates to a case of missing input validation in SugarCRM that could result in the injection of arbitrary PHP code. The bug has been fixed in SugarCRM versions 11.0.5 and 12.0.2.

The development comes a week after CISA also added CVE-2017-11357 (CVSS score: 9.8), a severe security vulnerability impacting Telerik UI that could facilitate arbitrary file uploads or remote code execution.

In light of active exploitation attempts, Federal Civilian Executive Branch (FCEB) agencies in the U.S. are required to apply the patches by February 23, 2023.
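As an added example (not from the article, CISA, or either vendor), a defender-side triage script that reads a constructed excerpt in the shape of CISA's KEV JSON feed, applies the affected-version ranges the article quotes, and reports how many days remain before the KEV due date. The inventory keys are hypothetical, and the rule that any earlier SugarCRM build on the 11.0 or 12.0 line counts as unpatched is an assumption, not something the article states.

```python
"""Triage a software inventory against CISA KEV entries (added example)."""
import json
from datetime import date

# Constructed excerpt using the field names of CISA's KEV JSON feed; the values
# are the ones reported in the article, not a live download.
KEV_JSON = """{"vulnerabilities": [
 {"cveID": "CVE-2022-21587", "vendorProject": "Oracle", "product": "E-Business Suite",
  "dateAdded": "2023-02-02", "dueDate": "2023-02-23", "requiredAction": "Apply updates per vendor instructions."},
 {"cveID": "CVE-2023-22952", "vendorProject": "SugarCRM", "product": "SugarCRM",
  "dateAdded": "2023-02-02", "dueDate": "2023-02-23", "requiredAction": "Apply updates per vendor instructions."}
]}"""


def parse_version(text):
    """'12.2.11' -> (12, 2, 11) so versions compare numerically, not as strings."""
    return tuple(int(part) for part in text.split("."))


def sugarcrm_unpatched(v):
    """Fixed in 11.0.5 and 12.0.2 per the article. Assumption: earlier builds on the
    same minor line are unpatched; other lines return None (manual review)."""
    for fixed in ((11, 0, 5), (12, 0, 2)):
        if v[:2] == fixed[:2]:
            return v < fixed
    return None


# Hypothetical inventory keys -> version check for each CVE named in the article.
# Oracle Web Applications Desktop Integrator: 12.2.3 through 12.2.11 inclusive.
RULES = {
    "CVE-2022-21587": ("oracle-webadi", lambda v: (12, 2, 3) <= v <= (12, 2, 11)),
    "CVE-2023-22952": ("sugarcrm", sugarcrm_unpatched),
}


def triage(kev_json, inventory, today_iso):
    """inventory maps product key -> installed version string; today_iso is YYYY-MM-DD.
    Returns one finding per KEV CVE whose product is in the inventory."""
    kev = {e["cveID"]: e for e in json.loads(kev_json)["vulnerabilities"]}
    today = date.fromisoformat(today_iso)
    findings = {}
    for cve, (product, check) in RULES.items():
        if cve not in kev or product not in inventory:
            continue
        days_left = (date.fromisoformat(kev[cve]["dueDate"]) - today).days
        findings[cve] = {
            "product": product, "version": inventory[product],
            "affected": check(parse_version(inventory[product])),
            "days_to_due": days_left, "overdue": days_left < 0,
        }
    return findings
```

A real deployment would fetch the live KEV feed and pull versions from an asset inventory; the `None` result is deliberate so that releases the article does not cover are queued for review rather than silently marked safe.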
