CVE-2023-46604: Apache ActiveMQ Deserialization of Untrusted Data

Apache ActiveMQ Deserialization of Untrusted Data Vulnerability. Apache ActiveMQ contains a deserialization of untrusted data vulnerability that may allow a remote attacker with network access to a broker to run shell commands by manipulating serialized class types in the OpenWire protocol to cause the broker to instantiate any class on the classpath.

• CISA KEV-listed (remediation due 2023-11-23)
• used in ransomware campaigns
• EPSS 94.4% (100.0% percentile)

Detection rules

• Malware User Agent high

Related briefings

• Microsoft Exposes Onyx Sleet's Expanding Malware Arsenal Targeting Aerospace and Defense Organizations 2026-02-16

Browse the CVE database

Read the full analysis on IntelFusions