all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

New PoC Exploit for Apache ActiveMQ Flaw Could Let Attackers Fly Under the Radar

Add to bookmarks
Nov. 15, 2023, 1:49 p.m. | info@thehackernews.com (The Hacker News)

The Hacker News thehackernews.com

Cybersecurity researchers have demonstrated a new technique that exploits a critical security flaw in Apache ActiveMQ to achieve arbitrary code execution in memory.
Tracked as CVE-2023-46604 (CVSS score: 10.0), the vulnerability is a remote code execution bug that could permit a threat actor to run arbitrary shell commands.
It was patched by Apache in ActiveMQ versions 5.15.16, 5.16.7, 5.17.6,

activemq actor apache apache activemq arbitrary code attackers bug code code execution critical cve cve-2023-46604 cvss cybersecurity exploit exploits flaw memory poc poc exploit radar remote code remote code execution researchers run score security security flaw threat threat actor under under the radar vulnerability

Visit resource

More from thehackernews.com / The Hacker News

Google Unveils RETVec - Gmail's New Defense Against Spam and Malicious Emails 10 hours ago | thehackernews.com
called defense deletion detect +10
North Korea's Lazarus Group Rakes in $3 Billion from Cryptocurrency Hacks 12 hours ago | thehackernews.com
cryptocurrency dprk hacks korea +14
This Free Solution Provides Essential Third-Party Risk Management for SaaS 12 hours ago | thehackernews.com
article assessment basic companies +18
7 Uses for Generative AI to Enhance Security Operations 12 hours ago | thehackernews.com
artificial artificial intelligence attention cybersecurity +11
CACTUS Ransomware Exploits Qlik Sense Vulnerabilities in Targeted Attacks 12 hours ago | thehackernews.com
analytics attacks business business intelligence +23
U.S. Treasury Sanctions Sinbad Cryptocurrency Mixer Used by North Korean Hackers 17 hours ago | thehackernews.com
bridge cryptocurrency cryptocurrency mixer currency +19
Iranian Hackers Exploit PLCs in Attack on Water Authority in U.S. 1 day, 10 hours ago | thehackernews.com
agency aliquippa attack authority +24
200+ Malicious Apps on Iranian Android Store Installed by Millions of Banking Users 1 day, 13 hours ago | thehackernews.com
actor android android malware apps +20
Discover Why Proactive Web Security Outsmarts Traditional Antivirus Solutions 1 day, 14 hours ago | thehackernews.com
antivirus digital digital landscape discover +13

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Senior Vice President, Cybersecurity and Runtime Operations

@ 2U | US-MD-Lanham//US-Remote
View on infosec-jobs.com

Dreadnought Product Security Lead - Submarines

@ Rolls-Royce | Derby - Jubilee House (UK-JH)
View on infosec-jobs.com

Senior Product Security Engineer

@ Narvar | Hybrid - Bengaluru
View on infosec-jobs.com

Managing Consultant - Advisors Business Development

@ Mastercard | Mumbai, India
View on infosec-jobs.com

Principal Security Engineer

@ Highspot | Vancouver, BC
View on infosec-jobs.com

Incident Response Specialist

@ Wabtec | Bengaluru - KA - IND (ITC Greens)
View on infosec-jobs.com
View more jobs