Critical RCE attacks threaten almost 45K Jenkins servers

BleepingComputer reports that nearly 45,000 internet-exposed Jenkins open-source automation servers worldwide could be compromised in attacks leveraging the critical remote code execution vulnerability tracked as CVE-2024-23897, which was addressed in updates issued last week.

China accounted for most of the vulnerable Jenkins instances, followed by the U.S., Germany, India, France, and the UK, according to a report from Shadowserver.

The findings come days after the reported discovery of several working exploits and attempted attacks targeting the RCE flaw. The vulnerability could be leveraged to execute arbitrary command-line interface commands and read arbitrary files, which could in turn permit access to sensitive data, decryption of stored secrets, file deletion, and downloads of Java heap dumps.

Organizations with vulnerable Jenkins servers have been urged to immediately apply the security updates and to review the mitigation recommendations and workarounds, since threat actors continue to scan for exposed instances and the repercussions of a compromise could be significant.