CVE-2020-14883: 
Oracle WebLogic Server vulnerability analysis and mitigation

CVE-2020-14883 is a high-severity vulnerability in the Console component of Oracle WebLogic Server affecting versions 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0, and 14.1.1.0.0. The vulnerability was disclosed in October 2020 and allows high-privileged attackers with network access via HTTP to compromise Oracle WebLogic Server (Oracle CPU).

This vulnerability has a CVSS 3.1 Base Score of 7.2 (Confidentiality, Integrity, and Availability impacts). The vulnerability allows authenticated attackers to execute code using a gadget chain and is commonly chained with CVE-2020-14882 (an authentication bypass vulnerability) or through the use of leaked, stolen, or weak credentials (AttackerKB).

Successful exploitation of this vulnerability can result in complete takeover of Oracle WebLogic Server, potentially leading to unauthorized access to critical data and full system compromise (NVD).

Oracle has released patches for this vulnerability as part of their October 2020 Critical Patch Update. Organizations are strongly recommended to apply these security patches without delay to affected WebLogic Server versions (Oracle CPU).

Security researchers have noted that while the 8220 Gang's tactics are considered unsophisticated, they are constantly evolving their techniques to evade detection. The group appears to be opportunistic in target selection, relying on simple, publicly available exploits to target well-known vulnerabilities (Hacker News).