The flaw, CVE-2023-32315, allows attackers to bypass authentication and create new admin accounts, enabling them to install malicious Java plugins and execute arbitrary code on compromised servers.
  • September 27, 2023

Hackers Actively Exploiting Openfire Flaw to Encrypt Servers

Hackers are actively exploiting a vulnerability in Openfire messaging servers to encrypt servers with ransomware and deploy cryptominers. The flaw, tracked as CVE-2023-32315, allows attackers to bypass authentication and create new admin accounts, which they use to install malicious Java plugins. This vulnerability affects Openfire versions from 3.10.0 to 4.7.4. Despite fixes being available, thousands of servers are still running vulnerable versions. Dr. Web has observed active exploitation of the flaw since June 2023. Attackers have been using the vulnerability to install ransomware, cryptominers, and backdoors. It is recommended to apply security updates promptly to protect against these attacks.



Back to Home

Comments

  • No comments yet.

Comment

Recommended

The Ultimate Guide to Linux VPS Hosting for Businesses

The Ultimate Guide to Linux VPS Hosting for Businesses

 https://averthost.com/vps-hosting/

VPS vs Shared Hosting: Which is Right for Your Website?

Categories