Menu

Blog

Dec 19, 2023

8220 Gang Exploiting Oracle WebLogic Server Vulnerability to Spread Malware

Posted by in category: cybercrime/malcode

The threat actors associated with the 8220 Gang have been observed exploiting a high-severity flaw in Oracle WebLogic Server to propagate their malware.

The security shortcoming is CVE-2020–14883 (CVSS score: 7.2), a remote code execution bug that could be exploited by authenticated attackers to take over susceptible servers.

“This vulnerability allows remote authenticated attackers to execute code using a gadget chain and is commonly chained with CVE-2020–14882 (an authentication bypass vulnerability also affecting Oracle Weblogic Server) or the use of leaked, stolen, or weak credentials,” Imperva said in a report published last week.

Comments are closed.