all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

CVE-2023-4528: Java Deserialization Vulnerability in JSCAPE MFT (Fixed)

Add to bookmarks
Sept. 7, 2023, 3:05 p.m. | Ron Bowes

Rapid7 Blog blog.rapid7.com

In August 2023, Rapid7 discovered CVE-2023-4528, a Java deserialization vulnerability in Redwood Software’s JSCAPE MFT secure managed file transfer product. Successful exploitation can run arbitrary Java code as the `root` on Linux or the `SYSTEM` user on Windows.

august code cve deserialization exploitation file file transfer java java deserialization linux managed managed file transfer mft product rapid7 root run software system transfer vulnerability vulnerability disclosure windows

Visit resource

More from blog.rapid7.com / Rapid7 Blog

Metasploit Weekly Wrap-Up 05/03/24 1 day, 12 hours ago | blog.rapid7.com
cve cve-2024 improvement metasploit +6
The Take Command Summit: A Stacked Agenda, and Killer Guest Speakers Coming Your Way May … 2 days, 17 hours ago | blog.rapid7.com
challenges coming command cybersecurity +14
The Business of Cybersecurity Ownership 3 days, 17 hours ago | blog.rapid7.com
accountability business can ciso +6
Velociraptor 0.7.2 Release: Digging Deeper than Ever with EWF Support, Dynamic DNS and More 4 days, 16 hours ago | blog.rapid7.com
discuss dns download dynamic +7
Metasploit Weekly Wrap-Up 04/26/24 1 week, 1 day ago | blog.rapid7.com
addition application clusters community +20
USF College of Engineering Presents Rapid7 With 2024 Corporate Impact Award 1 week, 4 days ago | blog.rapid7.com
april award awards beyond +11
Unauthenticated CrushFTP Zero-Day Enables Complete Server Compromise 1 week, 4 days ago | blog.rapid7.com
access account account access administrator +26
Take Command Summit: Take Breaches from Inevitable to Preventable on May 21 1 week, 5 days ago | blog.rapid7.com
attack aws breaches command +14
Metasploit Weekly Wrap-Up 04/19/24 2 weeks, 1 day ago | blog.rapid7.com
crushftp emergent threat response exploit framework +11

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Technical Senior Manager, SecOps | Remote US

@ Coalfire | United States
View on infosec-jobs.com

Global Cybersecurity Governance Analyst

@ UL Solutions | United States
View on infosec-jobs.com

Security Engineer II, AWS Offensive Security

@ Amazon.com | US, WA, Virtual Location - Washington
View on infosec-jobs.com

Senior Cyber Threat Intelligence Analyst

@ Sainsbury's | Coventry, West Midlands, United Kingdom
View on infosec-jobs.com

Embedded Global Intelligence and Threat Monitoring Analyst

@ Sibylline Ltd | Austin, Texas, United States
View on infosec-jobs.com

Senior Security Engineer

@ Curai Health | Remote
View on infosec-jobs.com
View more jobs