CVE-2020-14644

Oracle WebLogic Server, a product within the Fusion Middleware suite, contains a deserialization vulnerability. Unauthenticated attackers with network access via T3 or IIOP can exploit this vulnerability to achieve remote code execution. Vendor/Product: Oracle WebLogic Server. Added to CISA KEV 2024-09-18; required action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.