Oracle has had to fix the same bug a second time after proof-of-concept exploit code for it was released.
Oracle released a rare out-of-band security update on Sunday to address an incomplete patch for a recently disclosed vulnerability in Oracle WebLogic servers that is currently being actively exploited in the wild.
The new patch, tracked as CVE-2020-14750, adds further fixes for an earlier bug (CVE-2020-14882) that was first addressed in Oracle's regular October 2020 quarterly security update.
Because the bug is trivial to exploit, proof-of-concept (PoC) exploit code was released within days of Oracle's initial patch.
These PoCs were quickly adopted by various threat groups, and last week the SANS ISC reported attacks against its WebLogic honeypots.
But even patched systems turned out not to be safe.
According to Adam Boileau, chief security consultant at Insomnia Sec, the original patch for CVE-2020-14882 could be bypassed if attackers changed a single character in the standard PoC exploit. Systems that received only the October update therefore still need the new out-of-band patch.
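The one-character bypass illustrates a general failure mode of security patches: a fix that rejects the literal string seen in the public exploit is defeated by any equivalent spelling of the same request. The following is an added example, not code from the article and not Oracle's patch or the WebLogic exploit payload; it uses a hypothetical request-path check with made-up path prefixes, and assumes a backend that matches paths case-insensitively. It shows a naive filter that blocks only the exact string it was written against, beside a hardened version that canonicalises the path (repeated percent-decoding, dot-segment resolution, case folding) before the check.

```python
"""Hypothetical request-path access check (added example, not WebLogic code).

Demonstrates why a patch that matches a literal byte string is bypassed by a
one-character variant, and how canonicalising before the comparison closes
the whole class of variants rather than one spelling of it.
"""
from urllib.parse import unquote
import posixpath

# Hypothetical resource layout: the admin prefix requires authentication,
# the images prefix is public.  Both names are illustrative.
PROTECTED_PREFIX = "/console/admin"
PUBLIC_PREFIX = "/console/images"

MAX_DECODE_ROUNDS = 5  # bound repeated decoding so nested encodings cannot loop forever


def naive_is_blocked(raw_path: str) -> bool:
    """The 'incomplete patch': rejects only the exact string it was written against."""
    return raw_path.startswith(PROTECTED_PREFIX)


def canonicalize(raw_path: str) -> str:
    """Reduce a request path to a single canonical form before any decision.

    1. Percent-decode until the string stops changing (defeats %252e-style
       double encoding); refuse inputs that never settle.
    2. Collapse leading slashes and resolve '.' and '..' segments.
    3. Fold case (assumption: the backend resolves paths case-insensitively;
       drop this step for a case-sensitive backend).
    """
    path = raw_path
    for _ in range(MAX_DECODE_ROUNDS):
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    else:
        raise ValueError("too many percent-encoding layers")
    path = "/" + path.lstrip("/")
    path = posixpath.normpath(path)  # e.g. /console/images/../admin -> /console/admin
    return path.lower()


def hardened_is_blocked(raw_path: str) -> bool:
    """Same policy as naive_is_blocked, applied to the canonical form."""
    return canonicalize(raw_path).startswith(PROTECTED_PREFIX)


# Constructed sample requests: the literal PoC-style path plus variants that
# differ from it by case, single encoding, double encoding, or a '..' segment.
SAMPLE_REQUESTS = [
    "/console/admin/users",                  # the exact string the naive patch blocks
    "/Console/admin/users",                  # one-character case change
    "/console/images/../admin/users",        # traversal from a public prefix
    "/console/images/%2e%2e/admin/users",    # single percent encoding of '..'
    "/console/images/%252e%252e/admin/users",  # double percent encoding
    "/console/images/logo.png",              # legitimate public request
]


def compare_filters(paths=SAMPLE_REQUESTS):
    """Return {path: (naive_blocked, hardened_blocked)} for each sample request."""
    return {p: (naive_is_blocked(p), hardened_is_blocked(p)) for p in paths}


if __name__ == "__main__":
    for path, (naive, hardened) in compare_filters().items():
        print(f"{path:45} naive={naive!s:5} hardened={hardened}")
```

Running the block shows the naive filter blocking only the first request while every variant slips through; the hardened filter blocks all five admin variants and still admits the public image. A denylist on the request path remains the weaker design even when canonicalised: the durable fix is to enforce authentication in the handler that actually serves the resolved resource, which this stand-alone example cannot show without a server.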
According to security firm Spyse, more than 3,300 WebLogic servers are currently exposed on the internet and are considered vulnerable to the original flaw, CVE-2020-14882.