Rewterz Threat Advisory – CVE-2023-49070 – Apache Ofbiz Vulnerability

Rewterz Threat Alert – PatchWork APT Threat Actor Group – Active IOCs

December 5, 2023

Rewterz Threat Update – More than 20,000 Microsoft Exchange Servers are Exposed and Vulnerable

December 5, 2023

Rewterz Threat Advisory – CVE-2023-49070 – Apache Ofbiz Vulnerability

Severity

High

Analysis Summary

CVE-2023-49070

Apache Ofbiz could allow a remote attacker to execute arbitrary code on the system, caused by an no longer maintained XML-RPC. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.

Impact

Code Execution

Indicators Of Compromise

CVE

CVE-2023-49070

Affected Vendors

Apache

Affected Products

Apache Ofbiz 18.12.09

Remediation

Upgrade to the latest version of Apache Ofbiz, available from the Apache Website.

Apache Website

Rewterz Threat Alert – PatchWork APT Threat Actor Group – Active IOCs

Rewterz Threat Update – More than 20,000 Microsoft Exchange Servers are Exposed and Vulnerable

Rewterz Threat Advisory – CVE-2023-49070 – Apache Ofbiz Vulnerability

Severity

Analysis Summary

Impact

Indicators Of Compromise

CVE

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan