HIGH | CISA KEV | IN THE WILD

CVE-2019-0344

Published: September 30, 2024

EPSS: 40.62% probability of exploitation in 30 days (percentile: 97.3)

Official Description

SAP Commerce Cloud (formerly known as Hybris) contains a deserialization of untrusted data vulnerability within the mediaconversion and virtualjdbc extension that allows for code injection.

NVD Source

CISA KEV Advisory

SAP Commerce Cloud Deserialization of Untrusted Data Vulnerability


Added to KEV: 2024-09-30
Federal patch deadline: 2024-10-21

Required Action (CISA)

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Risk Analysis

A deserialization of untrusted data vulnerability in SAP Commerce Cloud (formerly Hybris) mediaconversion and virtualjdbc extensions allows for code injection. With an EPSS score of 0.40616 and inclusion in CISA's KEV, this vulnerability is actively exploited, posing a critical risk of remote code execution.

This vulnerability is actively exploited in the wild and is listed in CISA's KEV. It is remotely exploitable, likely through specially crafted input to the affected extensions.

Recommended Action

Apply the latest security patches and updates for SAP Commerce Cloud, specifically addressing the mediaconversion and virtualjdbc extensions. Implement strict input validation and secure deserialization practices.

Generated by the CTIWATCH analysis pipeline from this CVE's metadata (CVSS, EPSS, KEV status, exploit intelligence). Verify against vendor advisories before acting.

Technical Analysis

CVE-2019-0344 requires local access, meaning attackers must already have a foothold on the target system.

Exploitation requires some privileges, which limits the exposure to scenarios where an attacker has already gained initial access.

CISA has added CVE-2019-0344 to the Known Exploited Vulnerabilities (KEV) catalog, confirming active exploitation in the wild. U.S. federal agencies are required to patch this within the mandated timeframe, and all organizations should treat remediation as urgent.

Affected Vendors & Products

Mentioned vendors (from description): SAP

CPE data not yet available in NVD for this CVE.

Exploit & PoC Resources

ACTIVE EXPLOITATION: Confirmed exploitation in the wild.


Quick Facts

CVE ID: CVE-2019-0344
Severity: HIGH
CISA KEV: YES — Active Exploitation
Exploit: IN THE WILD
EPSS (30d): 40.62%
Published: Sep 30, 2024

Recommended Actions

  • Apply vendor patches immediately
  • Monitor CVE-2019-0344 in threat intel feeds
  • Review IDS/IPS signatures for exploitation attempts
  • CISA KEV: Federal agencies must patch per BOD 22-01 timeline
  • Active exploitation confirmed — treat as P1

Data sourced from NVD (NIST), CISA KEV, and EPSS (FIRST). Analysis generated by CTIWATCH.COM. CVE data is provided under the NVD usage policy.