16 percent of all organizations worldwide were already affected after four days
Security researchers at Check Point Research (CPR) are warning all users of the popular Java Spring Framework developer environment. Following the Log4J vulnerability, the Spring4Shell vulnerability has now been discovered. The following vulnerabilities affecting customers in the US and Europe have been officially registered:
Europe in particular is under fire: 20 percent of organizations there are at risk because of Spring4Shell. Software vendors make up the largest group worldwide, at 28 percent. An immediate update to the latest version, following the Spring Project guide, is recommended to be safe again.
In the case of Spring4Shell, the security researchers identified several indicators of injection/remote code execution as a route of attack. This signaled that the payloads under investigation were malicious.
Despite the open security vulnerabilities, users of CloudGuard AppSec were protected and continue to be so.