Log4j vulnerability, a bombshell zero-day exploit with global impact

Last updated: 14 December 2021
Hacker-Gloves

Multiple enterprises like Apple, Amazon, Twitter, Steam, and thousands more are likely vulnerable to exploits targeting Log4j vulnerability. Others can be affected by resulting supply chain attacks.

Exploits for a severe zero-day vulnerability (CVE-2021-44228) in the Log4j Java-based logging library are shared online, exposing many to remote code execution (RCE) attacks.

According to GreyNoise, a web monitoring service, around 100 distinct hosts are scanning the internet for ways to exploit Log4J vulnerability, which is also called Log4Shell or LogJam.

Worryingly, the exploit of the vulnerability results in an RCE by logging a certain string in the module. Log4j is used by billions of devices worldwide or integral in the software supply chain.

ADVERTISEMENT

“The log4j vulnerability is a significant threat for exploitation due to the widespread inclusion in software frameworks, even NSA’s GHIDRA,” Robert Joyce, the Director of Cybersecurity at the NSA, tweeted.

The resulting impact of the vulnerability will likely cause many IT departments to work severe overtime, trying to mitigate the risk over the weekend.

The Apache Software Foundation has released a security update to patch the vulnerability in Log4j. The patch fixes an RCE vulnerability.

The potential to abuse the vulnerability is hardly measurable at the moment. However, RCE attacks are among the most dangerous any system can go through. The vulnerability allows threat actors to access any system using Log4j.

It can become a novel attack vector for ransomware deployment and other criminal activities, albeit it‘s too soon to tell the full impact of the Log4Shell vulnerability.

The vulnerability in the open-source logging utility has been discovered concerning the well-known game Minecraft. The sites serving game users warned of malicious code on servers that run the Java version of the game by manipulating log messages.

Log4j is incorporated in widely used Apache-related frameworks, which means the spread of vulnerability might be like something never seen before.

ADVERTISEMENT

Companies with servers confirmed to be vulnerable to Log4Shell attack include Apple, Amazon, Twitter, Steam, Baidu, NetEase, Tencent, Elastic and likely hundreds if not thousands more.

More from CyberNews

NSO Group's spyware used to hack US State Department iPhones

Decentralized identity: is privacy worth the risk?

Ethical hackers found 20% more vulnerabilities in 2021

Consumers reported losing a whopping $148 million in gift cards to scams

Subscribe to our newsletter

ADVERTISEMENT
Share
Post
Share
Share
Share
More from Cybernews
Can a dumbphone help you with excessive smartphone use?
Papua New Guinea shuts down Facebook, but that won’t stop users
Russian crypto exchange popular among ransomware gangs is reborn two weeks after its crackdown
Whistleblowers help Binance catch and suspend insider trader
Financing your fried chicken? Buy Now, Pay Later creeps into fast food
Massive OPSEC oversight: top-secret Yemen war plans sent to journalist on Signal
ADVERTISEMENT
Leave a Reply

Your email address will not be published. Required fields are markedmarked