Reposify’s EASM platform provides deep, real-time understanding of known and unknown assets exposed and vulnerable to Spring4Shell, instantly mitigating critical risk for any organization
The Spring4Shell zero-day vulnerability has sent a jolt of panic through the cybersecurity community. CISA has added the vulnerability to its Known Exploited Vulnerabilities catalog based on “evidence of exploitation”. Like its predecessor Log4Shell, Spring4Shell affects only Java-based enterprise applications, and like Log4Shell it exposes the Spring Framework to the most severe class of exploit there is: remote code execution (RCE).
RCE leaves actors to run rampant in systems: stealing passwords and logins, extracting data and infecting networks with malware. With RCE, unprivileged external code can run remotely on any vulnerable machine in the network. Hackers are left to puppeteer attacks remotely with devastating impact. No strike is out of the question — data can be lost or stolen, communications proxied to a remote location, company data copied to private drives, or corporate reputation damaged with explicit content. All are very real, legitimate possibilities.
We’re neck-and-neck: as threat actors exploit Spring4Shell, cybersecurity teams scramble to assess their attack surfaces for vulnerable assets. Sprawling digital footprints are a problem. Organizations have thousands — even millions — of digital assets once subsidiaries, the supply chain and third-party vendors are accounted for. With Spring Framework among the most common application frameworks, the Spring4Shell vulnerability is not to be underestimated. Though there are immediate steps organizations can take to protect their assets, like upgrading their Spring Framework to version 5.2.20 or 5.3.18, or downgrading their Apache Tomcat server to version 8 or less, organizations are limited to only protecting the assets they know are there.
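As an added illustration of the upgrade check behind the advice above (example code, not Reposify’s platform or the Spring project’s own tooling), this Python script inventories Spring Framework jars found on a classpath and flags any version below the fixed releases the text names; the sample jar paths are constructed for the example.

```python
import re
from typing import List, Optional, Tuple

# Fixed Spring Framework releases named in the text above.
FIXED_5_2 = (5, 2, 20)
FIXED_5_3 = (5, 3, 18)

# Core Spring Framework artifacts whose version is the framework version itself.
SPRING_ARTIFACTS = {"spring-core", "spring-beans", "spring-context", "spring-web", "spring-webmvc"}

# Matches e.g. spring-beans-5.2.19.RELEASE.jar or spring-webmvc-5.3.17.jar (not spring-boot-* jars).
JAR_RE = re.compile(r"^(?P<artifact>spring-[a-z]+)-(?P<version>\d+\.\d+\.\d+)(?:\.[A-Za-z0-9]+)?\.jar$")

def parse_version(version: str) -> Tuple[int, int, int]:
    """Turn '5.3.17' into (5, 3, 17) so versions compare numerically, not as strings."""
    major, minor, patch = (int(p) for p in version.split(".")[:3])
    return major, minor, patch

def is_patched(version: str) -> bool:
    """True if this Spring Framework version is at or above the fixed release for its line."""
    v = parse_version(version)
    if v[:2] == (5, 2):
        return v >= FIXED_5_2          # 5.2.x line: fixed from 5.2.20
    if v >= (5, 3, 0):
        return v >= FIXED_5_3          # 5.3.x and later: fixed from 5.3.18
    # 5.0/5.1/4.x and earlier: no fixed release is named, so treat as unpatched.
    return False

def classify_jar(path: str) -> Optional[dict]:
    """Return an inventory record for a Spring Framework jar, or None for any other jar."""
    m = JAR_RE.match(path.rsplit("/", 1)[-1])
    if not m or m.group("artifact") not in SPRING_ARTIFACTS:
        return None
    version = m.group("version")
    return {"path": path, "artifact": m.group("artifact"), "version": version, "patched": is_patched(version)}

def find_unpatched(jar_paths: List[str]) -> List[dict]:
    """Filter a list of jar paths down to Spring Framework jars that still need the upgrade."""
    return [r for r in (classify_jar(p) for p in jar_paths) if r is not None and not r["patched"]]

# Constructed sample classpath (not from the page): one patched and two unpatched deployments.
SAMPLE_CLASSPATH = [
    "/srv/app-a/WEB-INF/lib/spring-beans-5.3.17.jar",
    "/srv/app-a/WEB-INF/lib/jackson-databind-2.13.2.jar",
    "/srv/app-b/WEB-INF/lib/spring-beans-5.2.19.RELEASE.jar",
    "/srv/app-c/WEB-INF/lib/spring-webmvc-5.3.18.jar",
]

for rec in find_unpatched(SAMPLE_CLASSPATH):
    print(f"UNPATCHED {rec['artifact']} {rec['version']} at {rec['path']}")
```

Feeding it a real `find / -name 'spring-*.jar'` listing gives the same per-host view of unpatched framework copies that a vulnerable-asset inventory needs.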
Zero-day RCE vulnerabilities are a trend, and they will continue.
With Spring4Shell so closely following the Log4Shell vulnerability, an unpredictable trend emerges. Security teams may not be able to predict the next attack, but they can mount a defense. Reposify research concluded the average organization houses 64% of its assets as a part of the unofficial perimeter. This is reversible.
Organizations today are evolving in the cloud, forming subsidiaries, and rely on third-party vendors more than ever before. Now, a majority of digital assets are located outside the traditional enterprise infrastructure — falling outside the immediate control of IT and security teams. In this critical time of need, all the digital doorways into an enterprise must be monitored in real-time.
Detect to protect: Reposify’s EASM platform flags exposed unknown assets vulnerable to Spring4Shell
Reposify’s discovery mechanism gives companies a precisely mapped, comprehensive picture of their asset inventory. It frees up manpower critical to security teams as they grapple with the expanding attack surface. The platform maps the web in real time, enabling security teams to detect unknown exposed assets that are vulnerable to Spring4Shell and pose a risk to their organization.
Only by having an accurate inventory that takes the entire supply chain, third-party vendors and subsidiaries into account can organizations achieve true perimeter security against the Spring4Shell vulnerability or any future vulnerability.