
CISA warns of urgent Apache OFBiz flaw with active exploits



TLDR:

  • CISA has added a critical Apache OFBiz flaw, tracked as CVE-2024-38856 (CVSS 9.8), to its Known Exploited Vulnerabilities (KEV) catalog
  • Public proof-of-concept exploits are available and CISA reports the flaw is being actively exploited; the fix is in Apache OFBiz 18.12.15

Article Summary:

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security flaw in Apache OFBiz, a widely used open-source enterprise resource planning (ERP) system, to its Known Exploited Vulnerabilities (KEV) catalog. The vulnerability, tracked as CVE-2024-38856, carries a CVSS score of 9.8 and is rated critical. It allows an unauthenticated attacker to execute arbitrary code via a Groovy payload in the context of the OFBiz user process. Earlier this month, SonicWall disclosed that CVE-2024-38856 is a bypass of the patch for an earlier OFBiz flaw, CVE-2024-36104, which likewise leads to remote code execution. The exploitation of these flaws fits a pattern in which attackers move quickly on publicly disclosed vulnerabilities to compromise instances that have not yet been patched.

Specific details of how CVE-2024-38856 is being used in the wild have not been disclosed, but proof-of-concept (PoC) exploits are publicly available. Organizations running Apache OFBiz should update to version 18.12.15, which contains the fix; earlier releases remain vulnerable. Federal Civilian Executive Branch (FCEB) agencies are required to apply the update by September 17, 2024. The sustained attacker interest in Apache OFBiz flaws underscores the importance of timely patching, especially for ERP instances reachable from the internet.
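The practical follow-up to the advisory is an inventory check: which OFBiz deployments are still below 18.12.15? The script below is an added example, not code from the original page or from the Apache OFBiz project. It assumes only the fixed version named in the advisory (18.12.15) and that each deployment's version is available as a dotted release string; the `version = '...'` line it can also pull from a checkout's build.gradle, and the host inventory, are constructed for illustration.

```python
"""Flag Apache OFBiz deployments that still need the CVE-2024-38856 fix.

Added example, not from the original page or the OFBiz project. Assumes
the first fixed release is 18.12.15 (per the advisory) and that versions are
dotted strings such as '18.12.14'. The build.gradle parsing is an assumed
file layout, included only as a convenience.
"""
import re
from typing import Dict, List, Optional, Tuple

# First release carrying the fix, per the advisory.
FIXED_VERSION = (18, 12, 15)

# major.minor[.patch][-tag], e.g. 18.12.14, 17.12.11, 18.12.15-SNAPSHOT
VERSION_RE = re.compile(r"^(\d+)\.(\d+)(?:\.(\d+))?(?:-([A-Za-z0-9.]+))?$")

# Assumed build.gradle line:  version = '18.12.14'
GRADLE_VERSION_RE = re.compile(r"^\s*version\s*=\s*['\"]([^'\"]+)['\"]", re.M)


def parse_version(text: str) -> Optional[Tuple[Tuple[int, int, int], Optional[str]]]:
    """Turn '18.12.14' into ((18, 12, 14), None) or '18.12.15-SNAPSHOT'
    into ((18, 12, 15), 'SNAPSHOT'). Returns None for anything that is not
    a dotted release version (e.g. 'trunk'), so unknown strings can never
    be mistaken for a patched build."""
    m = VERSION_RE.match(text.strip())
    if not m:
        return None
    major, minor, patch = int(m.group(1)), int(m.group(2)), int(m.group(3) or 0)
    return (major, minor, patch), m.group(4)


def needs_update(version: str) -> Optional[bool]:
    """True if the build is below 18.12.15 or is a pre-release/snapshot
    (a snapshot cut before the fix landed is indistinguishable from one cut
    after it, so it is treated conservatively), False if it is a 18.12.15+
    release, None if the string could not be parsed."""
    parsed = parse_version(version)
    if parsed is None:
        return None
    number, tag = parsed
    if tag is not None:
        return True  # conservative: verify snapshots by hand
    return number < FIXED_VERSION


def version_from_gradle(gradle_text: str) -> Optional[str]:
    """Pull the version string from an (assumed) build.gradle layout."""
    m = GRADLE_VERSION_RE.search(gradle_text)
    return m.group(1) if m else None


def triage(inventory: Dict[str, str]) -> Tuple[List[str], List[str], List[str]]:
    """Split host -> version into sorted (needs_update, patched, unknown)."""
    needs, patched, unknown = [], [], []
    for host, version in inventory.items():
        verdict = needs_update(version)
        (unknown if verdict is None else needs if verdict else patched).append(host)
    return sorted(needs), sorted(patched), sorted(unknown)


# Constructed sample inventory; not real hosts or real observations.
SAMPLE_INVENTORY = {
    "erp-prod-1": "18.12.14",
    "erp-prod-2": "18.12.15",
    "erp-dev": "18.12.15-SNAPSHOT",
    "erp-legacy": "17.12.11",
    "erp-unknown": "trunk",
}

# Constructed build.gradle fragment in the assumed layout.
SAMPLE_GRADLE = "plugins { id 'java' }\nversion = '18.12.14'\n"

if __name__ == "__main__":
    needs, patched, unknown = triage(SAMPLE_INVENTORY)
    print("needs update:", needs)
    print("patched:     ", patched)
    print("verify by hand:", unknown)
    print("gradle version:", version_from_gradle(SAMPLE_GRADLE))
```

Anything in the "unknown" bucket (trunk builds, custom version strings) should be checked manually rather than assumed safe; the script deliberately refuses to classify what it cannot parse.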

