Blog

Black Arrow Cyber Advisory – Spring4Shell Remote Code Execution Vulnerability – update 05/04/2022 under active exploitation

Update 05/04/2022: CISA have now confirmed that there is Active Exploitation of Critical Spring4Shell Vulnerability. It is recommended that patches are applied as soon as possible.

Executive Summary

Spring Core is a popular framework used for creating Java-based enterprise applications. Spring4Shell is a critical zero-day bug within this framework, that allows attackers to remotely execute code on affecting systems running certain, non-default configurations. Due to the popularity, Spring Core may be found within many java-based enterprise applications, and Java, is an almost ubiquitous software that’s found in billions of devices across the globe, from the enterprise to the home. The bug has been deemed “Critical”, primarily due to the remote root or administrator capabilities of an attacker if exploited.

This bug is currently receiving a large quantity of media attention. While we do not believe that this issue is of major concern at this time, it is something that is important to be aware of. We will continue to monitor and upgrade our advisory if we deem appropriate.

Black Arrow Cyber Advisory – Spring 4 Shell Remote Code Execution Vulnerability

Executive Summary

Spring Core is a popular framework used for creating Java-based enterprise applications. Spring4Shell is a critical zero-day bug within this framework, that allows attackers to remotely execute code on affecting systems running certain, non-default configurations. Due to the popularity, Spring Core may be found within many java-based enterprise applications, and Java, is an almost ubiquitous software that’s found in billions of devices across the globe, from the enterprise to the home. The bug has been deemed “Critical”, primarily due to the remote root or administrator capabilities of an attacker if exploited.