On October 25, 2023, Apache disclosed CVE-2023-46604, a critical remote code execution vulnerability in Apache ActiveMQ with a CVSS score of 10.0. Within days, multiple ransomware groups were actively exploiting the flaw. By November, thousands of internet-exposed ActiveMQ instances remained vulnerable, and the HelloKitty ransomware group had confirmed successful attacks.
The Vulnerability
CVE-2023-46604 is a deserialization vulnerability in the OpenWire protocol used by Apache ActiveMQ. An attacker can send a specially crafted OpenWire command to the ActiveMQ broker that triggers deserialization of a ClassInfo object, leading to arbitrary code execution on the server.
The vulnerability is devastating for several reasons:
- No authentication required. The exploit works against the default configuration without any credentials.
- Network-level exploitation. The attack targets the OpenWire protocol port (default 61616), which must be accessible for ActiveMQ to function. You can't simply disable the vulnerable feature.
- Trivial exploitation. Proof-of-concept exploits were available within 48 hours of disclosure. The exploit is a single network request.
- Wide impact. ActiveMQ is one of the most widely deployed message brokers in enterprise environments. Affected versions include ActiveMQ 5.15.x, 5.16.x, 5.17.x, and 5.18.x before the patched releases.
Exploitation in the Wild
The speed at which CVE-2023-46604 was weaponized was remarkable even by 2023 standards:
- October 25: Apache discloses the vulnerability and releases patched versions.
- October 27: Multiple security researchers publish proof-of-concept exploits. Shadowserver reports mass scanning for vulnerable ActiveMQ instances.
- October 30: Rapid7 reports confirmed exploitation in customer environments. The HelloKitty ransomware group is among the first to weaponize the vulnerability.
- November 1: CISA adds CVE-2023-46604 to the Known Exploited Vulnerabilities catalog. Multiple ransomware variants are now using the exploit as an initial access vector.
- November 8: Reports indicate that TellYouThePass ransomware, SparkRAT, and other malware families have added CVE-2023-46604 to their arsenals.
The attacker workflow was straightforward:
- Scan the internet for ActiveMQ instances on port 61616
- Send the exploit payload to achieve code execution
- Deploy ransomware or remote access trojans
- Encrypt data and demand ransom
Why ActiveMQ?
Apache ActiveMQ is a popular open-source message broker used for asynchronous messaging between application components. It's commonly deployed in:
- Enterprise service bus architectures
- Microservices communication
- Event-driven systems
- Integration middleware
- IoT message routing
Many ActiveMQ deployments are internal, not internet-facing, which reduces the attack surface. But many organizations also expose ActiveMQ to the internet for cross-site messaging, cloud integration, or simply because network segmentation wasn't properly configured.
Shodan scans in late October identified over 7,000 internet-exposed ActiveMQ instances. Many of these were running vulnerable versions.
The Deserialization Problem
CVE-2023-46604 is another chapter in Java's long history of deserialization vulnerabilities. Java's serialization mechanism—which converts objects to byte streams and back—has been a persistent source of remote code execution flaws.
The pattern is always the same: an application deserializes data from an untrusted source, the deserialization process instantiates objects and calls methods, and an attacker crafts a serialized object that triggers code execution during deserialization.
Notable predecessors include:
- Apache Commons Collections (2015): The original "gadget chain" that made Java deserialization attacks mainstream
- Apache Struts CVE-2017-5638: The vulnerability behind the Equifax breach
- Log4Shell CVE-2021-44228: A related class of injection through JNDI lookups
Despite years of awareness, Java deserialization vulnerabilities continue to appear because:
- Serialization is deeply embedded in Java frameworks
- Look-ahead deserialization filters (JEP 290) are not universally deployed
- New gadget chains are continuously discovered
- Legacy applications can't easily migrate away from serialization
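The pattern described above, and the allowlist ("look-ahead") filtering that JEP 290 adds to Java, can be shown in miniature with Python's pickle, which shares the property that the byte stream itself names the classes and callables the loader will resolve. This is an added example written for this page, not ActiveMQ code and not a Java filter; `Message`, `gadget_callable` and `RestrictedUnpickler` are illustrative names, and the "untrusted" bytes are constructed inside the block rather than captured from any broker.

```python
"""Untrusted deserialization versus an allowlist filter, in Python's pickle.

Added illustration of the Java pattern discussed in the text; all names and
inputs here are constructed for the example.
"""
import io
import pickle


class Message:
    """The one application type the loader is supposed to accept."""

    def __init__(self, queue, body):
        self.queue = queue
        self.body = body

    def __eq__(self, other):
        return isinstance(other, Message) and vars(self) == vars(other)


# Records every call the loader makes on the "gadget's" behalf, so the
# example can show that deserialization alone executed attacker-chosen code.
CALLS = []


def gadget_callable(marker):
    CALLS.append(marker)
    return marker


class _Gadget:
    """Stand-in for a gadget: its reduce tuple names a callable to run on load."""

    def __reduce__(self):
        return (gadget_callable, ("invoked during load",))


# Constructed inputs: one benign message and one stream that names the gadget.
BENIGN_BYTES = pickle.dumps(Message("orders", "hello"))
UNTRUSTED_BYTES = pickle.dumps(_Gadget())

# Fully qualified names the filter will resolve; everything else is refused
# before any object is instantiated (the look-ahead property of JEP 290).
ALLOWED_GLOBALS = {(Message.__module__, "Message")}


class RestrictedUnpickler(pickle.Unpickler):
    def find_class(self, module, name):
        if (module, name) in ALLOWED_GLOBALS:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(f"refused to resolve {module}.{name}")


def unsafe_load(data):
    """The vulnerable shape: resolve and call whatever the stream names."""
    return pickle.loads(data)


def safe_load(data):
    """The hardened shape: only allowlisted globals may be resolved."""
    return RestrictedUnpickler(io.BytesIO(data)).load()


def is_rejected(data):
    """True when the filtered loader refuses the stream without running it."""
    try:
        safe_load(data)
    except pickle.UnpicklingError:
        return True
    return False


if __name__ == "__main__":
    print("filtered loader accepts benign message:", safe_load(BENIGN_BYTES) == Message("orders", "hello"))
    print("filtered loader rejects gadget stream:", is_rejected(UNTRUSTED_BYTES), "calls so far:", CALLS)
    print("unfiltered loader result:", unsafe_load(UNTRUSTED_BYTES), "calls so far:", CALLS)
```

The point to notice is the order of events: the filtered loader rejects the stream inside `find_class`, before the REDUCE opcode runs, so `CALLS` stays empty; the unfiltered loader returns the gadget's return value, proving that deserialization alone ran code the application never asked for. Java's `ObjectInputFilter` applies the same idea at the class-resolution step, which is why it has to be configured on every `ObjectInputStream` that touches network data.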
Remediation
Apache released fixed versions:
- ActiveMQ 5.15.16
- ActiveMQ 5.16.7
- ActiveMQ 5.17.6
- ActiveMQ 5.18.3
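One way to turn the affected and fixed version lists above into an inventory check is a small branch-aware comparison, shown here as an added example (not Apache's or Safeguard.sh's code). The fixed versions are the four releases listed above; the example also treats any release older than 5.15.16 as affected, matching the "before 5.15.16" range in Apache's advisory, and treats later branches (5.19 and up, 6.x) as fixed. The SBOM-style component list is constructed for the example, and `scan_components` is an illustrative name.

```python
"""Branch-aware CVE-2023-46604 version check over an SBOM-style component list.

Added example; the fixed releases come from the advisory, the sample
components are constructed.
"""
import re
from typing import Optional, Tuple

Version = Tuple[int, int, int]

# First fixed release on each maintenance branch Apache patched.
FIXED_BY_BRANCH = {
    (5, 15): (5, 15, 16),
    (5, 16): (5, 16, 7),
    (5, 17): (5, 17, 6),
    (5, 18): (5, 18, 3),
}
# Assumption (from the advisory's "before 5.15.16" range): releases on older
# branches are all affected; releases on newer branches post-date the fix.
OLDEST_FIXED = (5, 15, 16)


def parse_version(text: str) -> Optional[Version]:
    """Pull a major.minor.patch triple out of a version string or jar file name."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)", text)
    return tuple(int(x) for x in m.groups()) if m else None


def is_affected(version: Version) -> bool:
    branch = version[:2]
    if branch in FIXED_BY_BRANCH:
        return version < FIXED_BY_BRANCH[branch]
    return version < OLDEST_FIXED


def scan_components(components):
    """Return (name, version, status) for every ActiveMQ component in the list."""
    findings = []
    for comp in components:
        name = comp.get("name", "")
        if not name.startswith("activemq"):
            continue
        parsed = parse_version(comp.get("version", ""))
        if parsed is None:
            findings.append((name, comp.get("version"), "unparseable"))
        else:
            findings.append((name, comp["version"], "affected" if is_affected(parsed) else "fixed"))
    return findings


# Constructed sample: a minimal SBOM component list for one host.
SAMPLE_COMPONENTS = [
    {"name": "activemq-broker", "version": "5.17.5"},
    {"name": "activemq-client", "version": "5.18.3"},
    {"name": "activemq-all", "version": "5.14.5"},
    {"name": "log4j-core", "version": "2.20.0"},
    {"name": "activemq-web", "version": "unknown"},
]

if __name__ == "__main__":
    for finding in scan_components(SAMPLE_COMPONENTS):
        print("%-18s %-8s %s" % finding)
```

Comparing within the branch matters: 5.16.8 is newer than 5.15.16 numerically and fixed, but 5.17.5 is also "newer" than 5.15.16 and still vulnerable, so a single global threshold would miss it. Unparseable versions are reported rather than silently skipped, since those are exactly the entries an inventory tends to lose.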
Organizations should also:
- Check for compromise before patching. If the instance was exposed to the internet before patching, assume compromise and investigate. Look for new processes, unusual network connections, and modified files.
- Restrict network access to ActiveMQ ports. The OpenWire protocol port (61616), AMQP port (5672), and web console port (8161) should not be exposed to the internet. Use firewall rules, VPNs, or network segmentation.
- Monitor for exploitation indicators. Look for ClassInfo-related errors in ActiveMQ logs, unexpected outbound network connections, and new processes spawned by the ActiveMQ service account.
- Consider alternatives. Organizations that have experienced repeated vulnerabilities in ActiveMQ may want to evaluate alternatives like RabbitMQ, Apache Kafka, or cloud-managed messaging services.
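Two of the remediation points above, the listener exposure check and the log review for ClassInfo-related errors, can be scripted as shown in this added example (not part of the original advisory and not Safeguard.sh's product code). The `ss -ltn` output and the broker log lines are constructed for the example; the log sample only imitates a pipe-separated layout and is not captured broker output. `exposed_broker_ports` and `suspicious_log_lines` are illustrative names.

```python
"""Listener exposure and log indicator checks for an ActiveMQ host.

Added example. Ports come from the remediation list; the sample socket
listing and log lines are constructed, not captured from a real broker.
"""
import ipaddress

BROKER_PORTS = {61616: "OpenWire", 5672: "AMQP", 8161: "web console"}
WILDCARD_BINDS = {"0.0.0.0", "::", "*"}

# Constructed sample in the shape of `ss -ltn` output.
SAMPLE_SS_OUTPUT = """\
State  Recv-Q Send-Q Local Address:Port  Peer Address:Port Process
LISTEN 0      128    0.0.0.0:61616       0.0.0.0:*
LISTEN 0      128    127.0.0.1:8161      0.0.0.0:*
LISTEN 0      128    [::]:5672           [::]:*
LISTEN 0      128    10.0.0.5:22         0.0.0.0:*
"""

# Constructed sample log lines (pipe-separated: time | level | message | logger).
SAMPLE_LOG = """\
2023-10-28 03:14:07,221 | INFO  | Apache ActiveMQ 5.17.5 (broker1) started | org.apache.activemq.broker.BrokerService
2023-10-28 03:15:41,007 | WARN  | Transport Connection to: tcp://203.0.113.10:41234 failed: ClassInfo marshalling error | org.apache.activemq.broker.TransportConnection
2023-10-28 03:16:02,118 | INFO  | Connector openwire started | org.apache.activemq.broker.TransportConnector
"""


def parse_listeners(ss_text):
    """Return (address, port) for each LISTEN row, stripping IPv6 brackets."""
    listeners = []
    for line in ss_text.splitlines()[1:]:  # skip the header row
        parts = line.split()
        if len(parts) < 4 or parts[0] != "LISTEN":
            continue
        addr, _, port = parts[3].rpartition(":")
        listeners.append((addr.strip("[]"), int(port)))
    return listeners


def exposed_broker_ports(ss_text):
    """Broker ports bound to a wildcard or any non-loopback address.

    A non-loopback bind is not proof of internet exposure, but it is the set
    of listeners that must be covered by firewall rules or segmentation.
    """
    findings = []
    for addr, port in parse_listeners(ss_text):
        if port not in BROKER_PORTS:
            continue
        if addr in WILDCARD_BINDS or not ipaddress.ip_address(addr).is_loopback:
            findings.append((port, BROKER_PORTS[port], addr))
    return findings


def suspicious_log_lines(log_text, keyword="ClassInfo"):
    """(line number, line) for WARN/ERROR entries mentioning the indicator keyword."""
    hits = []
    for lineno, line in enumerate(log_text.splitlines(), start=1):
        fields = [f.strip() for f in line.split(" | ")]
        if len(fields) < 3:
            continue
        level, message = fields[1], fields[2]
        if level in ("WARN", "ERROR") and keyword in message:
            hits.append((lineno, line))
    return hits


if __name__ == "__main__":
    for port, name, addr in exposed_broker_ports(SAMPLE_SS_OUTPUT):
        print(f"{name} listener on {addr}:{port} is reachable beyond loopback")
    for lineno, line in suspicious_log_lines(SAMPLE_LOG):
        print(f"log line {lineno}: {line}")
```

On a live host the two inputs would come from `ss -ltn` and the broker's `activemq.log`; a log hit of this kind is a reason to run the compromise checks in the first remediation point (new processes, outbound connections, modified files) rather than a verdict on its own.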
How Safeguard.sh Helps
Safeguard.sh tracks middleware components like Apache ActiveMQ across your infrastructure, ensuring that critical vulnerabilities like CVE-2023-46604 are flagged the moment they're disclosed. Our platform monitors your SBOM for affected components, cross-references with CISA KEV data and active exploitation reports, and prioritizes remediation based on internet exposure and criticality. When ransomware groups weaponize a vulnerability within days of disclosure, the difference between knowing about it on day one versus day seven can be the difference between patching and paying ransom.