CISA Known Exploited Vulnerability

CVE-2012-4681 Ransomware

Oracle · Java SE

Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability

Date added 2022-03-03

BOD 22-01 due date 2022-03-24

CWE —

Ransomware Known

CISA description

The Java Runtime Environment (JRE) component in Oracle Java SE allow for remote code execution.

Apply updates per vendor instructions.

Vulnerability data triggers these controls during assessment and continuous monitoring.