Critical Updates for WebLogic and Other Oracle Products – Oracle CPU April 2020

PUBLISHED: 21 April 2020


Oracle released its April Critical Patch Update for multiple Oracle products, comprising 405 patches. Oracle revealed that 286 of those vulnerabilities are remotely exploitable, across nearly two dozen product lines. According to the Oracle April Critical Patch Update Pre-Release Announcement, 13 key Oracle products are affected by multiple critical flaws rated CVSS 9.8, including Oracle Financial Services Applications, Oracle MySQL, Oracle Retail Applications and Oracle WebLogic Server.

Important note: this release addresses critical remote code execution flaws in Oracle WebLogic Server (CVE-2020-2801, CVE-2020-2883, CVE-2020-2884, etc.). Most of the vulnerabilities are related to the T3 protocol and XML deserialization and are rated CVSS 9.8. In the past, TechCERT observed that Oracle T3 deserialization flaws were widely used to deliver ransomware and other malware to organizations in Sri Lanka and the South Asian region. Although there are no publicly available exploits, Oracle states that there have been attempts to exploit the vulnerabilities. It is only a matter of time before attackers develop exploits.

Solution

TechCERT strongly recommends staying on actively supported versions and applying Critical Patch Update security patches for Oracle products without delay.

TechCERT recommends applying patches in the following manner.

  • Give priority to external-facing components
  • Make a plan to apply critical patches first
  • Apply the patches promptly, without delay

Additionally, TechCERT strongly suggests that administrators go through the Oracle Critical Patch Update Advisory – April 2020.

More Information

Oracle Critical Patch Update Advisory – April 2020: https://www.oracle.com/security-alerts/cpuapr2020.html
