all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

New PoC Exploit for Apache ActiveMQ Flaw Could Let Attackers Fly Under the Radar

Add to bookmarks
Nov. 15, 2023, 1:49 p.m. | info@thehackernews.com (The Hacker News)

The Hacker News thehackernews.com

Cybersecurity researchers have demonstrated a new technique that exploits a critical security flaw in Apache ActiveMQ to achieve arbitrary code execution in memory.
Tracked as CVE-2023-46604 (CVSS score: 10.0), the vulnerability is a remote code execution bug that could permit a threat actor to run arbitrary shell commands.
It was patched by Apache in ActiveMQ versions 5.15.16, 5.16.7, 5.17.6,

activemq actor apache apache activemq arbitrary code attackers bug code code execution critical cve cve-2023-46604 cvss cybersecurity exploit exploits flaw memory poc poc exploit radar remote code remote code execution researchers run score security security flaw threat threat actor under under the radar vulnerability

Visit resource

More from thehackernews.com / The Hacker News

A SaaS Security Challenge: Getting Permissions All in One Place 3 hours ago | thehackernews.com
access all in apps base +16
New Spectre-Style 'Pathfinder' Attack Targets Intel CPU, Leak Encryption Keys and Data 3 hours ago | thehackernews.com
academics advanced advanced encryption aes +30
The Fundamentals of Cloud Security Stress Testing 7 hours ago | thehackernews.com
assets attackers cloud cloud security +17
Hijack Loader Malware Employs Process Hollowing, UAC Bypass in Latest Version 7 hours ago | thehackernews.com
aim analysis anti-analysis bypass +19
Hackers Exploiting LiteSpeed Cache Bug to Gain Full Control of WordPress Sites 11 hours ago | thehackernews.com
accounts actively exploited admin bogus +25
Russian Hacker Dmitry Khoroshev Unmasked as LockBit Ransomware Administrator 1 day, 2 hours ago | thehackernews.com
addition administrator agency crime +17
APT42 Hackers Pose as Journalists to Harvest Credentials and Access Cloud Data 1 day, 4 hours ago | thehackernews.com
academia access activists apt42 +32
China-Linked Hackers Used ROOTROT Webshell in MITRE Network Intrusion 1 day, 5 hours ago | thehackernews.com
attack back china china-linked hackers +16
New Case Study: The Malicious Comment 1 day, 7 hours ago | thehackernews.com
case code comments discover +12

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Senior PAM Security Engineer

@ Experian | Hyderabad, India
View on infosec-jobs.com

Cybersecurity Analyst II

@ Spry Methods | Washington, DC (Hybrid)
View on infosec-jobs.com

Cyber Security Engineer

@ Expleo | Gothenburg, AC, Sweden
View on infosec-jobs.com

Cybersecurity – Information System Security Manager (ISSM)

@ Boeing | USA - Albuquerque, NM
View on infosec-jobs.com

Senior Security Engineer - Canada

@ DataVisor | Ontario, Canada - Remote
View on infosec-jobs.com

Cybersecurity Architect

@ HARMAN International | JP Tokyo 3-5-7 Ariake Koto-ku
View on infosec-jobs.com
View more jobs