Multiple enterprises like Apple, Amazon, Twitter, Steam, and thousands more are likely vulnerable to exploits targeting Log4j vulnerability. Others can be affected by resulting supply chain attacks.
Exploits for a severe zero-day vulnerability (CVE-2021-44228) in the Log4j Java-based logging library are shared online, exposing many to remote code execution (RCE) attacks.
According to GreyNoise, a web monitoring service, around 100 distinct hosts are scanning the internet for ways to exploit Log4J vulnerability, which is also called Log4Shell or LogJam.
Worryingly, the exploit of the vulnerability results in an RCE by logging a certain string in the module. Log4j is used by billions of devices worldwide or integral in the software supply chain.
“The log4j vulnerability is a significant threat for exploitation due to the widespread inclusion in software frameworks, even NSA’s GHIDRA,” Robert Joyce, the Director of Cybersecurity at the NSA, tweeted.
The resulting impact of the vulnerability will likely cause many IT departments to work severe overtime, trying to mitigate the risk over the weekend.
The Apache Software Foundation has released a security update to patch the vulnerability in Log4j. The patch fixes an RCE vulnerability.
The potential to abuse the vulnerability is hardly measurable at the moment. However, RCE attacks are among the most dangerous any system can go through. The vulnerability allows threat actors to access any system using Log4j.
It can become a novel attack vector for ransomware deployment and other criminal activities, albeit it‘s too soon to tell the full impact of the Log4Shell vulnerability.
The vulnerability in the open-source logging utility has been discovered concerning the well-known game Minecraft. The sites serving game users warned of malicious code on servers that run the Java version of the game by manipulating log messages.
Log4j is incorporated in widely used Apache-related frameworks, which means the spread of vulnerability might be like something never seen before.
Companies with servers confirmed to be vulnerable to Log4Shell attack include Apple, Amazon, Twitter, Steam, Baidu, NetEase, Tencent, Elastic and likely hundreds if not thousands more.
More from CyberNews
Subscribe to our newsletter