
CISA flags two-year-old Oracle flaw as actively exploited in attacks

Published:

2 June 2026 at 12:40:33

Alert date:

2 June 2026 at 13:01:19

Source:

bleepingcomputer.com


Enterprise Applications, Web Technologies, Zero-Day Vulnerabilities, Critical Infrastructure

CISA has ordered federal agencies to patch a high-severity Oracle WebLogic Server vulnerability that Oracle fixed two years ago but that is now being actively exploited in attacks. Although a patch has been available for years, many systems remain vulnerable because patch deployment has been incomplete, and the active exploitation of this older flaw underlines the ongoing risk posed by unpatched systems. Agencies have been given a deadline to remediate it.

Technical details

CVE-2024-21182 is a high-severity Oracle WebLogic Server vulnerability that can be exploited remotely by unauthenticated attackers with network access to the T3 and IIOP protocols. It is easily exploitable in low-complexity attacks and affects Oracle WebLogic Server versions 12.2.1.4.0 and 14.1.1.0.0. Successful exploitation can result in unauthorized access to critical data, or complete access to all data accessible to the Oracle WebLogic Server. According to Shodan, over 1,592 vulnerable Oracle WebLogic servers are exposed online.

Mitigation steps:

Apply security patches immediately per Oracle's vendor instructions. Federal agencies must patch by midnight on Thursday, June 4, as mandated by BOD 22-01. Follow the applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if no mitigations are available. CISA urges all network defenders, including private-sector organizations, to patch their systems against the ongoing CVE-2024-21182 attacks as soon as possible.

Affected products:

Oracle WebLogic Server version 12.2.1.4.0
Oracle WebLogic Server version 14.1.1.0.0
Oracle E-Business Suite
Oracle Identity Manager
Oracle Web Services Manager
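As an added defender-side example (not code from the advisory, CISA or Oracle), the Python helper below parses T3 HELO banners collected from an internal WebLogic inventory and flags hosts running the versions listed above as affected by CVE-2024-21182, so they can be prioritised ahead of the BOD 22-01 deadline. The HELO banner layout, the host names and the sample banners are assumptions made for illustration.

```python
import re
from typing import Optional

# Versions the advisory lists as affected by CVE-2024-21182.
AFFECTED_VERSIONS = {"12.2.1.4.0", "14.1.1.0.0"}

# A WebLogic T3 listener answers the client hello with a HELO line that
# embeds the server version, e.g. "HELO:12.2.1.4.0.false". This layout is
# assumed from the T3 handshake as commonly documented, not from the advisory.
HELO_RE = re.compile(r"^HELO:(\d+(?:\.\d+)+)\.(true|false)\s*$", re.MULTILINE)


def parse_t3_version(banner: str) -> Optional[str]:
    """Return the WebLogic version from a T3 HELO banner, or None if absent."""
    m = HELO_RE.search(banner)
    return m.group(1) if m else None


def triage(inventory: dict) -> dict:
    """Classify each host's banner as 'affected', 'not-listed' or 'unknown'."""
    result = {}
    for host, banner in inventory.items():
        version = parse_t3_version(banner)
        if version is None:
            result[host] = "unknown"      # no HELO line: not a T3 listener, or filtered
        elif version in AFFECTED_VERSIONS:
            result[host] = "affected"     # on the advisory's list: patch first
        else:
            result[host] = "not-listed"   # still verify against Oracle's advisory
    return result


# Constructed sample banners standing in for what an internal inventory
# collected from the T3 ports of three hosts (hypothetical host names).
SAMPLE_INVENTORY = {
    "wls-prod-01": "HELO:12.2.1.4.0.false\nAS:2048\nHL:19\n\n",
    "wls-prod-02": "HELO:14.1.2.0.0.false\nAS:2048\nHL:19\n\n",
    "app-gw-03": "HTTP/1.1 400 Bad Request\r\n\r\n",
}

if __name__ == "__main__":
    for host, status in triage(SAMPLE_INVENTORY).items():
        print(f"{host}: {status}")
```

A "not-listed" result only means the version is not one of the two named on this page; confirm it against Oracle's own advisory before treating the host as patched.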

This article was created with the assistance of AI technology by Perceptive.

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Disclaimer: This website displays information originating from external sources. Perceptive accepts no responsibility for the content, accuracy or completeness of this information.
