AmirFedida (9)
Last Login: February 15, 2022
AmirFedida's Latest (3) Contributions
Technical Analysis
Google is aware of reports that an exploit for CVE-2022-0609 exists in the wild.
Technical Analysis
New zero-day, aka Log4Shell or LogJam, is an unauthenticated remote code execution issue enabling full system compromise. CVE-2021-44228 analysis shows that all systems running Log4j 2.0-beta9 through 2.14.1 are vulnerable. Moreover, since the security issue impacts the default configs for most of Apache frameworks, such as Apache Struts2, Apache Solr, Apache Druid, Apache Flink, a wide range of software and web apps used by both enterprises and individual users are exposed to the attacks.
Technical Analysis
Apple is aware of a report that this issue may have been actively exploited.