As part of our effort to inform our clients about potential and serious cybersecurity issues, MCP provides advisories about vulnerabilities and exploits that could threaten the operations of their critical communications networks. Sign up to receive these advisories in your inbox as soon as they are released.
This week, a new critical alert requires the mission-critical community’s immediate attention.
MCP is actively monitoring a critical remote code execution (RCE) vulnerability in the Apache Struts framework, which is used to create enterprise-ready Java web applications. This vulnerability was flagged by the National Institute of Standards and Technology (NIST) Information Technology Laboratory and carries a Common Vulnerabilities and Exposures Program identifier of CVE-2023-50164.
The vulnerability should be patched immediately because public exploits are available, and active exploitation attempts have been seen in the wild. For instance, sensors employed by the Shadowserver Foundation — which gathers and analyzes data regarding malicious internet activity — have flagged attempted cyberattacks that exploit this vulnerability. The patch can be found here.
The path-traversal flaw affects Apache Struts versions earlier than 2.5.33 and versions earlier than 6.3.0.2, and allows RCE. It may enable cyberattackers to upload malicious files, potentially leading to data theft, service disruption, or lateral movement across the network.
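To turn those version boundaries into an inventory check that can be run over a deployment tree, here is an added Python example (not MCP's or the Apache project's code); it assumes the standard struts2-core-<version>.jar artifact name and treats any release below 2.5.33, or from 6.0.0 up to but not including 6.3.0.2, as affected.

```python
import re
from pathlib import Path

# Fixed releases named in the advisory; anything older on the same line is affected.
FIXED_2X = (2, 5, 33)
FIXED_6X = (6, 3, 0, 2)

# Assumption: the jar follows the standard Maven artifact name struts2-core-<version>.jar.
JAR_RE = re.compile(r"^struts2-core-(\d+(?:\.\d+)*)\.jar$", re.IGNORECASE)


def parse_version(text):
    """'6.3.0.1' -> (6, 3, 0, 1); tuples compare element-wise, so 6.3.1 > 6.3.0.2."""
    return tuple(int(part) for part in text.split("."))


def is_affected(version):
    """True when the version predates the fixed release on its line."""
    if version < FIXED_2X:                 # 2.x releases up to 2.5.32
        return True
    if (6, 0, 0) <= version < FIXED_6X:    # 6.0.0 up to 6.3.0.1
        return True
    return False


def scan_names(names):
    """Return (name, version) for every struts2-core jar name that is affected."""
    findings = []
    for name in names:
        match = JAR_RE.match(name)
        if match and is_affected(parse_version(match.group(1))):
            findings.append((name, match.group(1)))
    return findings


def scan_directory(root):
    """Walk a deployment directory (e.g. WEB-INF/lib trees) and report affected jars."""
    findings = []
    for path in Path(root).rglob("*.jar"):
        for _, version in scan_names([path.name]):
            findings.append((str(path), version))
    return findings


if __name__ == "__main__":
    # Constructed sample: jar names as they would appear under WEB-INF/lib.
    sample = ["struts2-core-2.5.32.jar", "struts2-core-6.3.0.2.jar", "log4j-core-2.20.0.jar"]
    for name, version in scan_names(sample):
        print(f"affected: {name} (struts2-core {version})")
```

Run `scan_directory("/path/to/webapps")` against a real deployment root to list every affected jar with its path; jars renamed or shaded into other artifacts will not match the filename pattern and need a manifest check instead.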
This vulnerability is significant due to Apache Struts' widespread usage, including within some Cisco networking devices. Cisco is actively investigating the impact on its products.
MCP recommends the following actions to limit the impact of potential cyberattacks: