Oracle Addresses Zero-Day Exploit in Agile PLM Software

November 19, 2024

Oracle has patched an unauthenticated file disclosure vulnerability in its Oracle Agile Product Lifecycle Management (PLM) software that was being actively exploited in the wild. The flaw, identified as CVE-2024-21287, allowed files to be downloaded without a username and password. Agile PLM is a software solution that helps businesses manage product data, processes, and collaboration across global teams. Oracle has urged its Agile PLM customers to install the latest updates promptly to address this flaw.

The company warned, "This vulnerability is remotely exploitable without authentication, i.e., it may be exploited over a network without the need for a username and password. If successfully exploited, this vulnerability may result in file disclosure." Oracle strongly advised its customers to apply the updates provided by this Security Alert as soon as possible.

The flaw was initially disclosed by Joel Snape and Lutz Wolf of cybersecurity firm CrowdStrike. While the initial advisory did not mention active exploitation, a subsequent blog post by Eric Maurice, Oracle's Vice President of Security Assurance, confirmed that the vulnerability was being exploited in attacks. Maurice's post stated, "This vulnerability affects Oracle Agile Product Lifecycle Management (PLM). It was reported as being actively exploited 'in the wild' by CrowdStrike." The post also noted that the vulnerability had been given a CVSS Base Score of 7.5, indicating a high level of severity.

If successfully exploited, an unauthenticated attacker could download files from the targeted system that are accessible under the privileges used by the PLM application. The specifics of how the flaw is currently being exploited, and whether the attacks have been attributed to a specific threat actor, remain unclear. Both CrowdStrike and Oracle were contacted for additional information but have yet to respond.
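The article describes the vulnerability class (an endpoint that hands out files to callers who never authenticated, limited only by the privileges of the PLM process) but not the root cause of CVE-2024-21287. The following Python example, added here and not Oracle's code or a reproduction of the actual flaw, illustrates that class in generic form: a download handler with no authentication or path confinement beside a hardened version that requires a session and confines resolved paths to a public directory (the path-confinement part generalizes beyond what the article states). All names (`APP_ROOT`, `SESSIONS`, `vulnerable_download`, `hardened_download`, `probe`) and the sample files are constructed for the example.

```python
"""
Generic illustration of an "unauthenticated file disclosure" defect and a
hardened counterpart. This is NOT Oracle Agile PLM code and does not reproduce
CVE-2024-21287; the root cause of that flaw is not described in the article.
All names and sample data below are hypothetical.
"""
import tempfile
from pathlib import Path
from typing import Optional

# Constructed sample "application root": one public document and one secret
# that is readable by the application user but must never be served.
APP_ROOT = Path(tempfile.mkdtemp(prefix="plm-demo-"))
(APP_ROOT / "public").mkdir()
(APP_ROOT / "public" / "datasheet.txt").write_text("public product data\n")
(APP_ROOT / "config.properties").write_text("db.password=SAMPLE-ONLY\n")

# Hypothetical session table: token -> username. No token means unauthenticated.
SESSIONS = {"tok-alice": "alice"}


class AccessDenied(Exception):
    """Raised when a request fails authentication or path confinement."""


def vulnerable_download(requested: str, session_token: Optional[str] = None) -> bytes:
    """Anti-pattern: no authentication check and no confinement of the path.
    Any file the application user can read is disclosed to anyone on the network."""
    return (APP_ROOT / requested).read_bytes()


def hardened_download(requested: str, session_token: Optional[str] = None) -> bytes:
    """Authenticate first, then confine the canonical path to the public directory."""
    if session_token not in SESSIONS:
        raise AccessDenied("authentication required")
    public_root = (APP_ROOT / "public").resolve()
    # resolve() follows symlinks and collapses "..", so comparing canonical
    # paths is enough to keep the target inside public_root.
    target = (public_root / requested).resolve()
    if target != public_root and public_root not in target.parents:
        raise AccessDenied("path outside the public directory")
    if not target.is_file():
        raise FileNotFoundError(requested)
    return target.read_bytes()


def probe(handler) -> dict:
    """Regression check for a download handler: does an unauthenticated request
    for the sensitive file succeed? Returns {"leaked_config": bool}."""
    try:
        handler("config.properties")  # no session token
        leaked = True
    except (AccessDenied, FileNotFoundError):
        leaked = False
    return {"leaked_config": leaked}


if __name__ == "__main__":
    print("vulnerable:", probe(vulnerable_download))   # leaks
    print("hardened:  ", probe(hardened_download))     # denied
    print(hardened_download("datasheet.txt", "tok-alice").decode().strip())
```

The `probe` function is the kind of check a defender can keep in a test suite: it asserts that the sensitive file is unreachable without a session, independent of how the handler is implemented, so a regression that drops the authentication check is caught before it ships.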
