PT-2023-6605 · Apache +3 · Apache ActiveMQ +3

Yejie@Threatbook.Cn · Published 2023-10-27 · Updated 2025-08-20 · CVE-2023-46604

CVSS v3.1: 10
Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H

**Name of the Vulnerable Software and Affected Versions:**

Apache ActiveMQ versions prior to 5.15.16, prior to 5.16.7, prior to 5.17.6, and prior to 5.18.3.

**Description:**

Apache ActiveMQ contains a Remote Code Execution (RCE) vulnerability (CVE-2023-46604) caused by insecure deserialization of data within the OpenWire protocol. Successful exploitation allows a remote, unauthenticated attacker to execute arbitrary shell commands on the server. The vulnerability has been actively exploited in the wild by ransomware groups, including HelloKitty and Mauri, and is also associated with the deployment of web shells such as Godzilla. Numerous reports indicate a high number of vulnerable systems exposed online, particularly in China and the US. Exploitation has been observed as early as October 10, 2023.

**Recommendations:**

Upgrade Apache ActiveMQ to version 5.15.16 or later, 5.16.7 or later, 5.17.6 or later, or 5.18.3 or later.

Exploit · Fix · RCE · Deserialization of Untrusted Data

Weakness Enumeration

**Related Identifiers:**

APACHEACTIVEMQ_CVE2023_46604
BDU:2023-07372
BIT-ACTIVEMQ-2023-46604
CVE-2023-46604
DLA-3657-1
DLA-3936-1
DSA-5798-1
GHSA-CRG9-44H2-XW35
USN-6910-1
USN-7268-1
ZDI-24-440

**Affected Products:**

Apache ActiveMQ
Bamboo
Linux Mint
Ubuntu