InfoSecBulletin Cybersecurity for mankind
CISA has given a new warning about a serious Oracle WebLogic Server flaw, named CVE-2024-21182, and added it to its Known Exploited Vulnerabilities list on June 1, 2026.
The alert highlights the growing danger from open enterprise middleware systems, especially those that can be accessed through network protocols like T3 and IIOP.
LastPass says hackers stole customer data via Klue, supply chain breach
New Apple Exploit Bypasses Boot Defenses, Possibly Affects Millions of iPhones Worldwide
India’s Tata Electronics hit by cyber breach: Hacker target 630 GB record
Anthropic’s Mythos reportedly broke NSA classified systems in hours
OpenAI New Method “Deployment Simulation” Predicts AI Risks Before Deployment
AryStinger botnet infected thousands of D-Link routers globally
Hacker suspected of sending alerts across Brazil
CyberSentinel AI features 33 security tools like Nmap, SQLMap, and ZAP, utilizing Claude and GPT
Barracuda hosts Dhaka roundtable on cyber resilience
CISA Alerts Fortinet Users as FortiBleed Affects 86,644 FortiGate Devices
The flaw affects Oracle WebLogic Server, a popular application server used for Java in both cloud and on-site settings.
Oracle has not shared all the technical details, but the issue is called an unspecified vulnerability. It can be used from a distance without needing to log in.
Oracle WebLogic Server Vulnerability Exploited
Security researchers say that the way the attack works needs access to the network using WebLogic’s special T3 protocol or the Internet Inter-ORB Protocol (IIOP). These are often used for communication between applications within a company.
Misconfigured WebLogic systems that are exposed to the internet can increase the risk of attacks. This makes them easy targets for hackers looking to get into company networks.
WebLogic has been a common target for ransomware attacks. Cybersecurity experts say that this weakness could be used quickly in money-driven attacks.
The effects of successful exploitation are serious. An attacker can get around security checks and reach important application data, which might allow them to move around inside business systems.
In high-risk situations, this could lead to a complete system takeover, data theft, or the use of extra tools like web shells or remote access trojans.
CISA added CVE-2024-21182 to the KEV catalog, showing it is being used in real attacks. But so far, no specific hackers or ransomware groups are known to be behind these attacks.
Shodan, an internet intelligence platform, now monitors more than 1,592 Oracle WebLogic servers that are online and at risk from CVE-2024-21182 attacks (961 use version 12.2.1.4.0 and 631 use version 14.1.1.0.0).
Organizations using Oracle WebLogic Server must act quickly. CISA has told federal agencies to fix the problem by June 4, 2026, as per Binding Operational Directive 22-01.
The agency says to use Oracle’s official updates or fixes right away. If updates are not ready or can’t be done quickly, companies should think about separating or stopping affected systems to lower risk.
