Remote Code Execution Vulnerability in Oracle Java SE and JRockit
CVE-2017-3241
Key Information:
- Vendor: Oracle
- CVE Published: 27 January 2017
Summary
This vulnerability affects Oracle's Java SE and JRockit components and may allow an unauthenticated attacker with network access to execute arbitrary code. By sending crafted requests to the RMI (Remote Method Invocation) APIs, an attacker can manipulate the Java platform, leading to unauthorized access and compromise of affected systems. Although it primarily impacts Java SE configurations, the vulnerability could have broader implications across the Oracle products that use these Java components. Users should apply the security updates to mitigate the risk and keep their systems secure.
Affected Version(s)
Java SE 6u131
Java SE 7u121
Java SE 8u112
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate that the vulnerability can be exploited. PoC code is also a key component of weaponization, which could lead to ransomware.
References
EPSS Score
63% chance of being exploited in the next 30 days.
CVSS V3.1
Timeline
- 🟡 Public PoC available
- 👾 Exploit known to exist
- Vulnerability published
- Vulnerability Reserved