Detection Script for Spring4Shell

On March 30, 2022, a now-deleted Twitter post detailed the proof-of-concept of a zero-day vulnerability in Java Spring Core set security wheels rolling across the world. The vulnerability, now tagged as CVE-2022-22965 and known as Spring4Shell, can be exploited to execute custom code remotely (RCE) by attackers and has started to see exploitation in the wild. Its vendor, Spring by VMWare, assigns the vulnerability a critical severity.

Cyber Security Works (CSW), a CVE Numbering Authority and a provider of attack surface management, has provided a detection script to identify exposure to the Spring4Shell attacks in their most recent blog.


###