New PoC Exploit for Apache ActiveMQ Flaw Could Let Attackers Fly Under the Radar | allinfosecnews.com

Nov. 15, 2023, 1:49 p.m. | info@thehackernews.com (The Hacker News)

The Hacker News thehackernews.com

Cybersecurity researchers have demonstrated a new technique that exploits a critical security flaw in Apache ActiveMQ to achieve arbitrary code execution in memory.
Tracked as CVE-2023-46604 (CVSS score: 10.0), the vulnerability is a remote code execution bug that could permit a threat actor to run arbitrary shell commands.
It was patched by Apache in ActiveMQ versions 5.15.16, 5.16.7, 5.17.6,

activemq actor apache apache activemq arbitrary code attackers bug code code execution critical cve cve-2023-46604 cvss cybersecurity exploit exploits flaw memory poc poc exploit radar remote code remote code execution researchers run score security security flaw threat threat actor under under the radar vulnerability

More from thehackernews.com / The Hacker News

AI Company Hugging Face Notifies Users of Suspected Unauthorized Access 21 hours ago | thehackernews.com

access advisory artificial artificial intelligence +9

Mysterious Cyber Attack Took Down 600,000+ Routers in the U.S. 1 day, 12 hours ago | thehackernews.com

access attack bricked cyber +12

Microsoft Warns of Surge in Cyber Attacks Targeting Internet-Exposed OT Devices 1 day, 15 hours ago | thehackernews.com

attacks critical critical systems cyber +18

Beyond Threat Detection – A Race to Digital Security 1 day, 18 hours ago | thehackernews.com

attack attack surface benefits beyond +15

Russian Hackers Target Europe with HeadLace Malware and Credential Harvesting 1 day, 19 hours ago | thehackernews.com

actor apt28 bear blizzard +24

OpenAI, Meta, TikTok Disrupt Multiple AI-Powered Disinformation Campaigns 1 day, 21 hours ago | thehackernews.com

abuse ai-powered artificial artificial intelligence +21

CISA Alerts Federal Agencies to Patch Actively Exploited Linux Kernel Flaw 2 days, 11 hours ago | thehackernews.com

actively exploited agency alerts bug +34

FlyingYeti Exploits WinRAR Vulnerability to Deliver COOKBOX Malware in Ukraine 2 days, 12 hours ago | thehackernews.com

access actor anxiety called +20

Cyber Espionage Alert: LilacSquid Targets IT, Energy, and Pharma Sectors 2 days, 13 hours ago | thehackernews.com

access actor alert asia +23

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland

View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City

View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL

View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US

View on infosec-jobs.com

Corporate Intern - Information Security (Year Round)

@ Associated Bank | US WI Remote

View on infosec-jobs.com

Senior Offensive Security Engineer

@ CoStar Group | US-DC Washington, DC

View on infosec-jobs.com