Ethical Hacking News
CISA has flagged a two-year-old Oracle vulnerability as actively exploited in attacks and ordered federal agencies to patch their systems against it. The high-severity vulnerability, tracked as CVE-2024-21182, is easily exploitable and can be abused remotely by threat actors with no privileges. CISA urges all network defenders to prioritize patching their systems against ongoing attacks.
The Oracle WebLogic Server vulnerability CVE-2024-21182 has been actively exploited by threat actors. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has ordered government agencies to secure their systems against this high-severity vulnerability. The vulnerability affects Oracle WebLogic Server versions 12.2.1.4.0 and 14.1.1.0.0 and allows unauthenticated attackers with network access via T3 or IIOP to compromise the server. Successful attacks can result in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. CISA has warned that this vulnerability is a frequent attack vector for malicious cyber actors and urges patching as soon as possible. The Shodan internet intelligence platform currently tracks over 1,592 Oracle WebLogic servers that are exposed online and vulnerable to CVE-2024-21182 exploits.
An Oracle WebLogic Server vulnerability has been identified as actively exploited by threat actors. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has ordered government agencies to secure their systems against this high-severity vulnerability, which was patched two years ago.
The vulnerability, tracked as CVE-2024-21182, is an easily exploitable flaw in Oracle WebLogic Server versions 12.2.1.4.0 and 14.1.1.0.0 that allows unauthenticated attackers with network access via T3 or IIOP to compromise the server. Successful exploitation of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data.
According to CISA, this type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise. The agency urges all network defenders, including those in the private sector, to patch their systems against ongoing CVE-2024-21182 attacks as soon as possible.
The Shodan internet intelligence platform currently tracks over 1,592 Oracle WebLogic servers exposed online and vulnerable to CVE-2024-21182 exploits. The vulnerability was initially identified by Oracle itself, which released security patches for it in July 2024.
CISA has a history of flagging vulnerabilities across various Oracle products as exploited in the wild. Over the last several years, the agency has highlighted 43 vulnerabilities in Oracle products that have been abused in ransomware attacks. This includes 12 vulnerabilities that were previously identified by CISA as exploited in zero-day attacks.
In addition to this recent patch for CVE-2024-21182, Oracle released an out-of-band security update to fix a critical unauthenticated remote code execution vulnerability (CVE-2026-21992) in Identity Manager and Web Services Manager in March. However, the agency declined to comment on the exploitation status of this particular vulnerability.
The patching requirements for CVE-2024-21182 have been mandated by Binding Operational Directive (BOD) 22-01, which applies only to federal agencies. CISA urges all network defenders to prioritize patching their systems against ongoing attacks.
Related Information:
https://www.ethicalhackingnews.com/articles/CISA-Flags-Two-Year-Old-Oracle-Vulnerability-as-Actively-Exploited-in-Attacks-ehn.shtml
https://www.bleepingcomputer.com/news/security/cisa-orders-feds-to-patch-actively-exploited-oracle-weblogic-flaw/
https://nvd.nist.gov/vuln/detail/CVE-2024-21182
https://www.cvedetails.com/cve/CVE-2024-21182/
https://nvd.nist.gov/vuln/detail/CVE-2026-21992
https://www.cvedetails.com/cve/CVE-2026-21992/
Published: Tue Jun 2 08:58:11 2026 by llama3.2 3B Q4_K_M