Better update now – a critical security flaw found in Apache Tomcat


A critical Apache Tomcat vulnerability is putting companies and cloud platforms at risk, allowing attackers to alter files and execute malicious code.

A new high-risk vulnerability has been disclosed in Apache Tomcat, a widely used server for running Java-based websites and applications.

Tomcat is commonly used by companies in their applications, cloud environments, and SaaS platforms, making this vulnerability a significant risk for organizations worldwide.


The vulnerability identified as CVE-2025-24813 could enable attackers to access and modify internal files, such as logs or configuration settings, and even execute malicious code.

Which Apache Tomcat versions are affected?

  • Tomcat 9.0.0.M1 to 9.0.98
  • Tomcat 10.1.0-M1 to 10.1.34
  • Tomcat 11.0.0-M1 to 11.0.2
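The version ranges above mix milestone builds (9.0.0.M1, 10.1.0-M1) with final releases, so a plain string comparison misranks them. The following is an added example, not code from the article or the Tomcat project: it parses a Tomcat version string, orders milestones before the final release of the same number, and reports whether the version falls inside the ranges listed. The ranges are taken from the article; the fixed versions are not stated here and are not assumed.

```python
import re

# Affected ranges exactly as listed in the article (inclusive on both ends).
AFFECTED_RANGES = [
    ("9.0.0.M1", "9.0.98"),
    ("10.1.0-M1", "10.1.34"),
    ("11.0.0-M1", "11.0.2"),
]

# Matches "9.0.98", "9.0.0.M1" and "10.1.0-M1" (Tomcat uses both "." and "-"
# before the milestone marker depending on the major version).
_VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)(?:[.-]M(\d+))?")


def parse_version(version):
    """Return a tuple that sorts correctly: milestones precede the GA release.

    (major, minor, patch, ga_flag, milestone_number)
    ga_flag is 0 for M-builds and 1 for the final release, so 9.0.0.M1 < 9.0.0.
    """
    m = _VERSION_RE.fullmatch(version.strip())
    if not m:
        raise ValueError(f"unrecognised Tomcat version string: {version!r}")
    major, minor, patch, milestone = m.groups()
    if milestone is None:
        return (int(major), int(minor), int(patch), 1, 0)
    return (int(major), int(minor), int(patch), 0, int(milestone))


def is_affected(version):
    """True if the version lies inside any affected range from the article."""
    v = parse_version(version)
    return any(parse_version(lo) <= v <= parse_version(hi)
               for lo, hi in AFFECTED_RANGES)


def triage(versions):
    """Split a list of deployed versions (e.g. from an inventory) into affected/unaffected."""
    affected = [v for v in versions if is_affected(v)]
    unaffected = [v for v in versions if not is_affected(v)]
    return affected, unaffected


if __name__ == "__main__":
    # Constructed inventory of version strings for illustration.
    inventory = ["9.0.98", "9.0.99", "10.1.0-M1", "10.1.34", "11.0.2", "11.0.3", "8.5.100"]
    hit, ok = triage(inventory)
    print("affected:  ", hit)
    print("unaffected:", ok)
```

Feed it the version strings from your asset inventory (the `Server` header is often suppressed, so prefer the `lib/catalina.jar` manifest or the `version.sh` output from each host); anything reported as affected is inside the ranges the article lists.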

The vulnerability is most severe when two conditions hold together: the server has partial PUT request support enabled and the default servlet has write permission.

If the server accepts PUT requests, a new file can be uploaded to it; if a malicious actor can upload harmful files, that can lead to a takeover of the system.

A servlet is a program running on a server that helps process web requests. Write permissions allow the servlet to create or modify files on the server.

While this scenario is less likely, if the servlet configuration is changed to grant write permission, threat actors could upload or change files that they should not be able to, which could leave the server exposed.
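The two preconditions described above (partial PUT support plus a writable default servlet) are both set through `init-param` entries on the servlet named `default` in Tomcat's `web.xml`. The following is an added example, not code from the article or from Tomcat: it parses a `web.xml`, extracts the default servlet's parameters and flags the risky combination. It assumes the Tomcat `DefaultServlet` parameter names `readonly` (default `true`) and `allowPartialPut` (default `true`) as documented for the affected versions; the embedded `web.xml` fragment is a constructed sample showing the weak setting, and the same function is run on a corrected copy with `readonly` set back to `true`.

```python
import xml.etree.ElementTree as ET

# Constructed sample: a conf/web.xml fragment in which an operator has made the
# default servlet writable. This is the risky state the article describes.
WEAK_WEB_XML = """
<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee" version="4.0">
  <servlet>
    <servlet-name>default</servlet-name>
    <servlet-class>org.apache.catalina.servlets.DefaultServlet</servlet-class>
    <init-param>
      <param-name>readonly</param-name>
      <param-value>false</param-value>
    </init-param>
    <load-on-startup>1</load-on-startup>
  </servlet>
</web-app>
"""

# Corrected copy: readonly restored to true (Tomcat's documented default).
HARDENED_WEB_XML = WEAK_WEB_XML.replace(
    "<param-value>false</param-value>", "<param-value>true</param-value>")


def _local(tag):
    """Strip the {namespace} prefix ElementTree attaches to tag names."""
    return tag.rsplit("}", 1)[-1]


def default_servlet_params(web_xml_text):
    """Return {param-name: param-value} for the servlet named 'default'."""
    root = ET.fromstring(web_xml_text)
    params = {}
    for servlet in root.iter():
        if _local(servlet.tag) != "servlet":
            continue
        name = next((( c.text or "").strip() for c in servlet
                     if _local(c.tag) == "servlet-name"), None)
        if name != "default":
            continue
        for init_param in servlet:
            if _local(init_param.tag) != "init-param":
                continue
            pname = pvalue = None
            for child in init_param:
                if _local(child.tag) == "param-name":
                    pname = (child.text or "").strip()
                elif _local(child.tag) == "param-value":
                    pvalue = (child.text or "").strip()
            if pname:
                params[pname] = pvalue
    return params


def assess(web_xml_text):
    """Report the effective settings and the findings a reviewer would raise."""
    params = default_servlet_params(web_xml_text)
    # Assumed DefaultServlet defaults when the parameter is absent:
    # readonly=true, allowPartialPut=true.
    readonly = params.get("readonly", "true").lower() == "true"
    partial_put = params.get("allowPartialPut", "true").lower() == "true"
    findings = []
    if not readonly:
        findings.append("default servlet is writable (readonly=false): "
                        "PUT/DELETE can create or modify files under the web root")
    if partial_put and not readonly:
        findings.append("partial PUT support together with a writable default "
                        "servlet: the precondition the article names for CVE-2025-24813")
    return {"readonly": readonly, "allowPartialPut": partial_put, "findings": findings}


if __name__ == "__main__":
    for label, text in (("weak", WEAK_WEB_XML), ("hardened", HARDENED_WEB_XML)):
        result = assess(text)
        print(label, result["readonly"], result["allowPartialPut"])
        for f in result["findings"]:
            print("  -", f)
```

Run it against both `$CATALINA_BASE/conf/web.xml` and each application's `WEB-INF/web.xml`, since a per-application descriptor can override the global default servlet settings. A clean result (no findings) means the default servlet is read-only; updating to a patched release is still required, because the writable configuration is only what makes the flaw severe, not what introduces it.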

On the Common Vulnerability Scoring System (CVSS) scale, the flaw was rated 9.8, which means that it is a critical vulnerability.


Apache has since patched the vulnerability, and the latest releases are no longer affected. Organizations running older versions are urged to update.


If the vulnerability is successfully exploited, what could happen?

  • Attackers can overwrite and modify critical files.
  • Sensitive files could be exposed and leaked.
  • Attackers could modify security-sensitive files to enable remote code execution (RCE).