Criminals are actively exploiting the high-severity Log4Shell vulnerability on servers running VMware Horizon in an attempt to install malware that allows them to gain full control of affected systems, the UK’s publicly funded healthcare system is warning.
CVE-2021-44228 is one associated with the most severe vulnerabilities to come to light in the past few years. It resides in Log4J, a system-logging code|code calculatordecoder} library used in thousands if not millions of third-party applications and websites. That means there is a huge base of vulnerable systems. Additionally , the vulnerability will be extremely easy to exploit plus allows attackers to install Web shells, which provide a command window for executing highly privileged commands on hacked servers.
The remote-code execution flaw in Log4J came to light in December after exploit code was released before a patch has been available. Malicious hackers quickly began actively exploiting CVE-2021-44228 to compromise sensitive systems .