Client Application Firewall
Spring.Framework.SerializationUtils.Insecure.Deserialization
Description
This indicates an attack attempt to exploit an Insecure Deserialization in Spring Framework.
The vulnerability is due to insufficient validation of user supplied inputs. Successful exploitation could result in remote code execution.
Outbreak Alert
A remote code execution vulnerability exists in Spring Framework with JDK version 9 due to an insecure deserialization exploit. The exploit is based on insufficient validation of input that an attacker can perform a remote code execution. Spring is encouraging customers to upgrade to Spring Framework 5.3.18 and 5.2.20 or follow the suggested workarounds.
View the full Outbreak Alert Report
In the year 2022, FortiGuard IPS and FortiGuard AV/Sandbox blocked three trillion and six trillion hits respectively from vulnerabilities, malware and 0-day attacks. Those encompassed several thousand varieties of Remote Code Execution, Cross-Site Scripting, Elevation of Privilege, Denial of Service, Trojans, Exploits. FortiGuard Labs alerted customers with numerous critical threats throughout the year based on factors such as proof-of-concept, attack vectors, impact, ease of attack, dependencies, and more. This annual report covers:>
Affected Products
Spring Framework
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
The vendor has not released an advisory or patch regarding this vulnerability.
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2022-05-16 | 20.316 | Sig Added |
| 2022-05-02 | 20.307 | Sig Added |
| 2022-03-31 | 20.289 |
| ID | 51352 |
| Created | Mar 30, 2022 |
| Updated | May 13, 2022 |
| Outbreak Alert | Spring4Shell Vulnerability 2022 Annual Report |
| Threat Signal | View Report |
| Risk |
|
| CVE ID | CVE-2022-22965 |
| Known Exploited | Yes |
| Exploit Prediction Score | 97.49% |
| Default Action | drop |
| Affected OS | Windows, Linux, MacOS |
| Affected App | Other |