It is also a critical arbitrary remote code execution flaw present in Apache Log4j 2, an open-source logging framework. Log4Shellis a vulnerability with a CVE-2021-44228 and a CVSS score of 100. Not the first time the flaw is being detected ![]() The Log4j vulnerabilities are present on versions7.x and 8.x of the VMware Horizon servers. ![]() These activities were used for various things, including deploying malicious software, exfiltrating data, or deploying ransomware.Īs mentioned earlier, the exploit is being conducted on VMware Horizon servers that have not been patched. After the initial attack was launched, a series of post-exploitation activities were also conducted. The web shell was then deployed, after which it served as a tool to be used in carrying out a variety of attacks. This file was later executed, such that it introduced a web shell into the VM Blast Secure Gateway service. In the alert, the NHS noted, “The attack likely consists of a reconnaissance phase, where the attacker uses the Java Naming and Directory InterfaceTM (JNDI) via Log4Shell payloads to callback to malicious infrastructure.”Īdditionally, the report stated that once the threat actor identified the weakness, they went ahead to use the Lightweight Directory Access Protocol (LDAP) to retrieve a malicious Java class file. As such, they conducted consecutive attacks on the servers. The report noted that an unknown threat actor was using the vulnerability to send malicious web shells and create a persistent attack mode. ![]() Unknown threat actors exploiting a flaw on VMware Horizon servers The digital security team at the NHS noted that the attackers were looking for unpatched flaws in VMware Horizon servers, with the threat actors behind the attack being unknown. The report notes that a threat actor is exploiting a flaw in these unpatched servers, noting that the threat actor behind the attack has not been identified. The UK National Health Service (NHS) has issued a report on the Log4Shell vulnerabilities in VMware Horizon servers.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |