Vulnerability Watch

Forum Discussion

snarang
Product Team
5 years ago

Attackers Exploiting Oracle WebLogic Deserialization Bug (CVE-2020-2883)

Following Oracle’s Critical Patch Update (CPU) in April 2020, Oracle warned customers about the importance of applying these patches “without delay” as they had received reports of attackers exploiting “a number of recently patched flaws.” These flaws include a critical vulnerability in Oracle WebLogic Server.

CVE-2020-2883, a deserialization vulnerability in the Oracle Coherence library for Oracle WebLogic Server, has been observed being exploited in the wild. Researchers at the Zero Day Initiative published details about this vulnerability and its connection to CVE-2020-2555, a separate deserialization flaw in Oracle WebLogic Server.

For more information, including additional backstory around its connection to CVE-2020-2555, availability of a proof of concept, as well as product coverage, please visit our blog.
