LetsDefend Monitoring Alert

Apache Tomcat Serialized Payload RCE (CVE-2025-24813)

May 30, 2025, 06:19 PM

Event ID: 318

Event Time: May 30, 2025, 06:19 PM

Rule Name: SOC340 - Apache Tomcat Serialized Payload RCE (CVE-2025-24813)

Alert Type: Web Attack

MITRE Technique:
T1059.004 - Execution - Unix Shell
T1190 - Initial Access - Exploit Public-Facing Application
T1105 - Command and Control - Ingress Tool Transfer
T1005 - Collection - Data from Local System
T1210 - Lateral Movement - Exploitation of Remote Services
T1071.001 - Command and Control - Application Layer Protocol: Web Protocols

Severity: Critical
