Rewterz

Bitter APT Uses WmRAT and MiyaRAT to Target Turkish Defense Sector – Active IOCs

December 18, 2024
Rewterz

Attackers Install Obfuscated Backdoors Targeting Pakistan Using Microsoft MSC Files – Active IOCs

December 18, 2024

CVE-2024-50379 – Apache Tomcat Vulnerability

Severity

High

Analysis Summary

CVE-2024-50379

Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability during JSP compilation in Apache Tomcat permits an RCE on case insensitive file systems when the default servlet is enabled for write (non-default configuration). This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.1, from 10.1.0-M1 through 10.1.33, from 9.0.0.M1 through 9.0.97. Users are recommended to upgrade to version 11.0.2, 10.1.34 or 9.0.08, which fixes the issue.

Impact

  • Code Execution

Indicators of Compromise

CVE

  • CVE-2024-50379

Affected Vendors

Apache

Affected Products

  • Apache Tomcat - 10.1.0-M1
  • Apache Tomcat - 9.0.0.M1
  • Apache Tomcat - 9.0.97
  • Apache Tomcat - 10.1.33
  • Apache Tomcat - 11.0.0-M1
  • Apache Tomcat - 11.0.1

Remediation

Upgrade to the latest version of Apache Tomcat, available from the Apache Website.

Apache Website

Reading this advisory was a good start.

Make it a habit.

Rewterz publishes threat advisories ahead of mainstream cybersecurity media, informed by an AI-Native Autonomous SOC that sees regional threat actor activity in real time. Subscribe to receive each new advisory as it publishes, plus a monthly Middle East threat landscape brief drawn from our own SOC telemetry. For teams evaluating their detection coverage, a 30-minute consultation with a senior analyst is also available, at your pace, when you're ready.