Actively exploited in the wild
FortiGuard Labs has identified ongoing attack attempts aimed at exploiting the recently discovered Apache Tomcat remote code execution vulnerability, CVE-2025-24813. If successful, attackers could gain access to sensitive security files, allowing them to view or inject arbitrary content and potentially execute code remotely on target systems.
Common Vulnerabilities and Exposures
Background
Exploit code for this vulnerability is publicly available, and no authentication is required to launch an attack, making prompt mitigation essential. According to Apache, successful exploitation requires specific conditions, and some of them may be enabled by default, allowing attackers to manipulate and view sensitive files or execute remote code.
Latest Development
Recent news and incidents related to cybersecurity threats encompassing various events such as data breaches, cyber-attacks, security incidents, and vulnerabilities discovered.
Impacted users should implement the recommended mitigations provided by Apache and follow the instructions outlined in the vendor's advisory:
- Upgrade to Apache Tomcat 11.0.3 or later
- Upgrade to Apache Tomcat 10.1.35 or later
- Upgrade to Apache Tomcat 9.0.99 or later
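The upgrade thresholds above, applied to an inventory of version banners, as an added example (not code from FortiGuard or Apache). The host names and banners are constructed and the function names are this example's own; branches the list does not name are reported as such rather than guessed.

```python
import re

# Fixed release per branch (major, minor) -> minimum patch, from the list above.
FIXED = {(11, 0): 3, (10, 1): 35, (9, 0): 99}

# First dotted triple in a banner such as "Apache Tomcat/9.0.98"
# or the "Server number:  10.1.35.0" line printed by version.sh.
_VERSION = re.compile(r"(\d+)\.(\d+)\.(\d+)")


def classify(banner: str) -> str:
    """Return 'fixed', 'needs-upgrade', 'unlisted-branch' or 'unparsed'."""
    m = _VERSION.search(banner)
    if not m:
        return "unparsed"
    major, minor, patch = map(int, m.groups())
    fixed_patch = FIXED.get((major, minor))
    if fixed_patch is None:
        # The page names no fixed release for this branch; do not guess.
        return "unlisted-branch"
    # Milestone builds such as 11.0.0-M20 compare by their numeric triple.
    return "fixed" if patch >= fixed_patch else "needs-upgrade"


def triage(inventory: dict) -> dict:
    """Group host names by status, each group sorted for stable reporting."""
    groups = {}
    for host, banner in inventory.items():
        groups.setdefault(classify(banner), []).append(host)
    return {status: sorted(hosts) for status, hosts in groups.items()}


# Constructed sample inventory (hypothetical hosts and banners).
SAMPLE = {
    "app01": "Apache Tomcat/9.0.98",
    "app02": "Server number:  10.1.35.0",
    "app03": "Apache Tomcat/11.0.0-M20",
    "app04": "Apache Tomcat/8.5.100",
    "app05": "nginx",
    "app06": "Apache Tomcat/9.0.102",
}

if __name__ == "__main__":
    for status, hosts in triage(SAMPLE).items():
        print(f"{status}: {', '.join(hosts)}")
```

Distribution packages can carry backported fixes under an older upstream version number, so confirm a `needs-upgrade` result against the package changelog before scheduling work.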
- April 01, 2025: CISA added the Apache Tomcat vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.
  CVE-2025-24813 Apache Tomcat Path Equivalence Vulnerability
- March 27, 2025: FortiGuard Labs released a Threat Signal.
  https://www.fortiguard.com/threat-signal-report/6053/apache-tomcat-rce
- March 10, 2025: Apache issued a security advisory regarding a critical vulnerability (CVE-2025-24813) affecting the Apache Tomcat web server.
  https://lists.apache.org/thread/j5fkjv2k477os90nczf2v9l61fb0kkgq
FortiGuard Cybersecurity Framework
Mitigate security threats and vulnerabilities by leveraging the range of FortiGuard Services.
- Lure
- Decoy VM
- Vulnerability
- IPS
- IOC
- Outbreak Detection
- Content Update
- Automated Response
- Assisted Response Services
- NOC/SOC Training
- End-User Training
- Vulnerability Management
- Attack Surface Monitoring (Inside & Outside)
- Attack Surface Hardening
Threat Intelligence
Information gathered from analyzing ongoing cybersecurity events including threat actors, their tactics, techniques, and procedures (TTPs), indicators of compromise (IOCs), malware and related vulnerabilities.
References
Sources of information in support and relation to this Outbreak and vendor.