A newly discovered P2PInfect worm is targeting vulnerable Redis servers using a year-old Lua sandbox escape bug. The worm, written in the Rust programming language, exploits the CVE-2022-0543 vulnerability to propagate and establish P2P communication. It deploys additional binaries, scripts, and scanning tools to find and infect other vulnerable Redis instances. Palo Alto Networks estimates that over 300,000 Redis servers are exposed to the internet, with more than 900 of them vulnerable to the P2PInfect worm. Administrators are urged to patch their Redis servers to prevent infection and potential remote code execution.
Read more: https://www.securityweek.com/p2pinfect-new-peer-to-peer-worm-targeting-redis-servers/
