Security firm Blumira discovers major new Log4j attack vector

Advisories

Discover Security Vulnerabilities News

Security firm Blumira discovers major new Log4j attack vector

20.Lock AbstractDigital Circular

A basic Javascript WebSocket connection can trigger a local Log4j remote code attack via a drive-by compromise. Wonderful. Truly wonderful.

It doesn't rain, but it pours. Previously, one assumption about the 10 out of 10 Log4j security vulnerability was that it was limited to exposed vulnerable servers. We were wrong. The security company Blumira claims to have found a new, exciting Log4j attack vector.

You didn't really want to take this weekend off, did you? Of course not! Instead, you'll be chasing down vulnerable Log4j code ever deeper into your network. According to Blumira, this newly-discovered Javascript WebSocket attack vector can be exploited through the path of a listening server on their machine or local network. An attacker can simply navigate to a website and trigger the vulnerability. Adding insult to injury, WebSocket connections within the host can be difficult to gain deep visibility into. That means it's even harder to detect this vulnerability and attacks using it.

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.