Oracle WebLogic CVE-2024-21182 Added to KEV Catalog After Active Exploitation

Published:

2 juni 2026 om 18:14:42

Alert date:

2 juni 2026 om 19:00:51

Source:

thehackernews.com

Enterprise Applications, Zero-Day Vulnerabilities

CISA added Oracle WebLogic Server vulnerability CVE-2024-21182 to its Known Exploited Vulnerabilities (KEV) Catalog due to evidence of active exploitation. The high-severity vulnerability (CVSS 7.5) allows unauthenticated attackers with network access to take control of vulnerable servers. The flaw impacts Oracle WebLogic Server and represents an active threat requiring immediate attention from organizations using this enterprise application server.

Technical details

CVE-2024-21182 is an unspecified vulnerability in Oracle WebLogic Server with a CVSS score of 7.5. It allows an unauthenticated attacker with network access via T3, IIOP protocols to compromise Oracle WebLogic Server. Successful attacks can result in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. The vulnerability allows remote attackers to take control of susceptible servers without authentication.

Mitigation steps:

Apply patches released by Oracle in July 2024. Federal Civilian Executive Branch (FCEB) agencies must apply necessary fixes by June 4, 2026, to secure their networks. Organizations should prioritize patching due to evidence of active exploitation and the vulnerability being added to CISA's Known Exploited Vulnerabilities (KEV) Catalog.

Affected products:

Oracle WebLogic Server

Related CVE's:

CVE-2024-21182

CVE-2026-21962

Related threat actors:

8220 Gang

Storm 1175

IOC's:

This article was created with the assistance of AI technology by Perceptive.