Apache Log4j2 Vulnerability
RCE and DoS in Apache Java logging library
A 0-day exploit was discovered in the popular Java library Log4j2 that can result in Remote Code Execution (RCE). This is a widely deployed library, and while systems protected by Fortinet Security Fabric are secured by the protections below, all systems need to upgrade ASAP as this is 10.0 severity. Due to the high visibility and attention, subsequent vulnerabilities have since emerged.
Common Vulnerabilities and Exposures
CVE-2021-44228
CVE-2021-45046
CVE-2021-45105
CVE-2021-44832
CVE-2021-4104
Background
Log4j2 is a Java-based logging utility that is part of the Apache Software. For more details on the background, please read the Fortinet Blog:
https://www.fortinet.com/blog/threat-research/critical-apache-log4j-log4shell-vulnerability-what-you-need-to-know
To view Fortinet products impacted by this vulnerability, refer to:
https://www.fortiguard.com/psirt/FG-IR-21-245
For technical information pertaining to each vulnerability, please refer to the FortiGuard Threat Signals at:
https://www.fortiguard.com/threat-signal-report/4335
https://www.fortiguard.com/threat-signal-report/4339
https://www.fortiguard.com/threat-signal-report/4345
https://www.fortiguard.com/threat-signal-report/4360
Threat Radar Overall Score: 5.0
CVSS Rating | 10.0
FortiRecon Score | 95/100
Known Exploited | Yes
Exploit Prediction Score | 97.56%
FortiGuard Telemetry | 84419
Latest Development
Recent news and incidents related to cybersecurity threats encompassing various events such as data breaches, cyber-attacks, security incidents, and vulnerabilities discovered.
Dec 9th: A 0-day was posted on Twitter with a PoC posted on GitHub. On Dec 10, several security-related websites picked up the vulnerability and released articles.
Jun 27, 2022: Over 6 months later, stories of Log4j2 exploits continue to be published on a near-daily basis and FortiGuard Labs continues to see active exploitation attempts. On a single day (Jun 14, 2022), FortiGuard IPS blocked over 50,000 exploits.
FortiGuard Cybersecurity Framework
Mitigate security threats and vulnerabilities by leveraging the range of FortiGuard Services.
- Lure
- Decoy VM
- Vulnerability
- IPS
- Web App Security
- Threat Hunting
- IOC
- Outbreak Detection
- Automated Response
- Assisted Response Services
- NOC/SOC Training
- End-User Training
- Attack Surface Hardening
- Business Reputation
- Vulnerability Management
Lure: Detects activities related to the Log4j2 vulnerability.
Decoy VM: Detects activities related to the Log4j2 vulnerability.
Vulnerability: Detects presence of the Log4j2 vulnerability.
IPS: Blocks exploitation of the Log4j2 vulnerability.
Web App Security: Blocks exploitation of the Log4j2 vulnerability.
Threat Hunting
Outbreak Detection
Automated Response: Services that can automatically respond to this outbreak.
Assisted Response Services: Experts to assist you with analysis, containment and response activities.
NOC/SOC Training: Train your network and security professionals and optimize your incident response to stay on top of cyberattacks.
End-User Training: Raise security awareness among your employees, who are continuously being targeted by phishing, drive-by download and other forms of cyberattacks.
Attack Surface Hardening: Check Security Fabric devices to build actionable configuration recommendations and key indicators.
Business Reputation: Know attackers' next move to protect your business branding.
Vulnerability Management: Reduce the attack surface on software vulnerabilities via systematic and automated patching.
Threat Intelligence
Information gathered from analyzing ongoing cybersecurity events including threat actors, their tactics, techniques, and procedures (TTPs), indicators of compromise (IOCs), malware and related vulnerabilities.
References
Sources of information in support and relation to this Outbreak and vendor.