ACTIVELY EXPLOITED3 sources verified·1 min read
By Lyrie Threat Intelligence·8/25/2022
CVE-2022-22963 added to CISA KEV: VMware Tanzu Spring Cloud
Status: ✅ Confirmed exploited in the wild
Date added: 2022-08-25
Required action: Apply updates per vendor instructions.
Due date: 2022-09-15
Why this matters
When using routing functionality in VMware Tanzu's Spring Cloud Function, it is possible for a user to provide a specially crafted SpEL as a routing-expression that may result in remote code execution and access to local resources.
Sources
Lyrie Verdict
Lyrie's autonomous detection layer catches active exploitation primitives at machine speed — closing the gap between disclosure and weaponization that traditional defense simply can't cover.