// #iiop

2 articles

Oracle WebLogic CVE-2024-21182 Added to CISA KEV — Federal Deadline June 4 as Ransomware Payloads Observed

CISA added CVE-2024-21182 to the Known Exploited Vulnerabilities catalogue on 1 June, citing confirmed active exploitation of the Oracle WebLogic Server unauthenticated remote attack vulnerability. Honeypot data shows attackers delivering Cobalt Strike beacons and ransomware payloads via the T3/IIOP protocol attack path. Federal civilian agencies must remediate by 4 June.

Jun 1, 2026 #oracle +8

🏛️ Architecture

Oracle WebLogic T3 and IIOP Hardening: Eliminating the Attack Surface Behind CVE-2024-21182

The T3 and IIOP protocols in Oracle WebLogic Server have been the source of 15+ critical vulnerabilities over the past decade. This guide covers the configuration controls that isolate T3/IIOP from untrusted networks — the single most effective defence regardless of which WebLogic CVE is currently being exploited.

Jun 1, 2026 #oracle +7