At a Glance: CISA warns of active exploitation of CVE-2024-21182 in Oracle WebLogic Server with low attack complexity and focus on data leakage; federal agencies must patch by June 4, 2026.
The US security agency CISA added vulnerability CVE-2024-21182 in Oracle WebLogic Server to its catalog of known exploited security flaws on June 1, 2026, after active attacks were confirmed on the internet and in enterprise networks. Federal agencies face a binding deadline of June 4, 2026 for complete remediation.
The Cybersecurity and Infrastructure Security Agency (CISA) has officially classified vulnerability CVE-2024-21182 in Oracle WebLogic Server as an actively exploited risk. Versions 12.2.1.4.0 and 14.1.1.0.0 of the application server's Core component are affected. The attack is carried out over the proprietary T3 protocol and the Internet Inter-ORB Protocol (IIOP), which are used by default for communication between WebLogic components.
The vulnerability can be exploited for unauthorized access without prior authentication, without elevated user privileges, and without end-user interaction. The attack complexity is low, which makes publicly accessible instances, particularly those on the default port 7001, an easy target for attackers. The National Institute of Standards and Technology (NIST) rates the security flaw with a CVSS score of 7.5 (high).
The primary threat is not remote code execution, but data leakage: attackers can bypass access controls to penetrate database structures, read configuration files, copy credentials, and exfiltrate business-critical information. CISA explicitly warns of unauthorized access to critical data or complete access to all data accessible to the Oracle WebLogic Server.
The gap between the original release of the security update and the attacks now being observed points to a typical exploitation pattern: organizations that delay patch deployment remain exposed for a long time. Federal agencies in the US face a binding deadline of June 4, 2026. Private companies are urged to audit their systems for this vulnerability immediately and to deploy patches.
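One way to prioritise the audit described above is to rank the T3 listeners found in an organization's own inventory scan against the affected releases. This is an added example, not code from CISA, Oracle or the source article; the host addresses and banners are constructed, and the `HELO:<release>.<flag>` first-line format of the T3 handshake reply is an assumption of this sketch.

```python
import re

# Affected Core component versions, as listed in the article.
AFFECTED_RELEASES = {"12.2.1.4.0", "14.1.1.0.0"}

# Assumption: a T3 listener answers the handshake with a first line such as
# "HELO:12.2.1.4.0.false" (release string, then a boolean flag).
HELO_RE = re.compile(r"^HELO:(\d+(?:\.\d+)+)\.(?:true|false)\s*$")


def t3_release(banner):
    """Return the release string from a T3 handshake reply, or None."""
    lines = banner.splitlines()
    first_line = lines[0] if lines else ""
    match = HELO_RE.match(first_line)
    return match.group(1) if match else None


def triage(observations):
    """Rank (host, port, internet_facing, banner) tuples for patch review."""
    findings = []
    for host, port, internet_facing, banner in observations:
        release = t3_release(banner)
        if release is None:
            continue  # listener did not speak T3; not covered by this check
        if release not in AFFECTED_RELEASES:
            priority = "P3: T3 exposed, release not listed in the advisory"
        elif internet_facing:
            priority = "P1: affected release, T3 reachable from the internet"
        else:
            priority = "P2: affected release, T3 reachable internally"
        findings.append((priority, host, port, release))
    return sorted(findings)


# Constructed sample data (hypothetical hosts, documentation address ranges).
SAMPLE = [
    ("198.51.100.10", 7001, True, "HELO:12.2.1.4.0.false\nAS:2048\nHL:19\n\n"),
    ("10.0.4.21", 7001, False, "HELO:14.1.1.0.0.false\nAS:2048\nHL:19\n\n"),
    ("10.0.4.22", 7001, False, "HELO:12.2.1.3.0.false\nAS:2048\nHL:19\n\n"),
    ("10.0.4.30", 8080, False, "HTTP/1.1 400 Bad Request\r\n\r\n"),
]

if __name__ == "__main__":
    for priority, host, port, release in triage(SAMPLE):
        print(f"{priority}: {host}:{port} reports {release}")
```

The banner identifies the release, not the installed patch level, so each P1 or P2 hit is a host to check for the update rather than a confirmed vulnerable instance.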
Source: www.it-daily.net · Published June 3, 2026
Lumi AI News — AI-assisted curation in accordance with Article 50 EU AI Act. Paraphrase and classification by Lumi News Pipeline v1.2.9.