A critical vulnerability in Apache<\/a> Ignite tracked as CVE-2024-52577, exposes systems to remote code execution (RCE) attacks due to improper enforcement of class serialization filters.\u00a0<\/p>\n Rated CVSS 9.8, this flaw affects Ignite versions 2.6.0 through 2.16.x, enabling attackers to execute arbitrary code by exploiting deserialization weaknesses in server endpoints.<\/p>\n Apache Ignite, a distributed in-memory database platform, improperly validates class serialization filters on specific endpoints.<\/p>\n Attackers can craft malicious payloads containing serialized objects that bypass security checks, triggering code execution<\/a> when deserialized.\u00a0<\/p>\n The vulnerability originates from Ignite\u2019s failure to enforce ObjectInputFilter configurations, which are designed to block dangerous classes during deserialization.<\/p>\n Successful exploitation grants full control over affected systems, compromising data integrity, confidentiality, and availability. The attack requires:<\/p>\n Reporter Zhattatey and remediation developer Mikhail Petrov contributed to the vulnerability\u2019s identification and fix.<\/p>\n The Apache Software Foundation released<\/a> version 2.17.0 to enforce serialization filters comprehensively. Administrators should:<\/p>\n Upgrade immediately using Maven:<\/p>\n Restrict network access to Ignite endpoints via firewalls or security groups and monitor logs for anomalous deserialization attempts, such as unexpected class loads or outgoing network connections.<\/p>\n CVE-2024-52577 underscores persistent risks in Java deserialization, a problem first widely publicized in 2015 with vulnerabilities in Apache Commons Collections.\u00a0<\/p>\n Despite improvements like JEP 290 (introducing serialization filters in Java 9), misconfigurations remain prevalent.<\/p>\n Organizations using Apache Ignite must prioritize upgrading to 2.17.0 and audit their classpaths for unnecessary gadget libraries.<\/p>\n As attackers increasingly target serialization flaws, proactive patch management, and defense-in-depth strategies are critical to mitigating RCE<\/a> risks.<\/p>\n Free Webinar: Better SOC with Interactive Malware Sandbox for Incident Response and Threat Hunting \u2013\u00a0Register Here<\/a><\/strong><\/p>\n The post Critical Apache Ignite Vulnerability Let Attackers Execute Remote Code\u00a0<\/a> appeared first on Cyber Security News<\/a>.<\/p>\n<\/div>\n\n
Mitigation Strategies<\/strong><\/h2>\n
![\"\"](\"https:\/\/lh7-rt.googleusercontent.com\/docsz\/AD_4nXfR-oZffIou6wKgPKP-fqpkTd27isLO3CsZfJvG0m08YaJ2Lw_2VM_8qYfu5J9eL8c7cu6uRaoS0Pn1QyL3zpHheViK_xm7PFTYrsIIG9JPe_Oai3vLKd9W9wHflUeP0HlKiIvo?key=if3zojqDUqWf14qvHw2pkpAm\")