ACSC Warning Regarding ForgeRock Open AM Critical Vulnerability

High Alert - Act Quickly
7 July 2021

Dear ACSC Alert Service subscriber

There is active exploitation of a vulnerability in ForgeRock OpenAM (reported as CVE-2021-35464). The exploitation has been used to compromise a number of Australian organisations. We strongly recommend organisations urgently apply available patches or workarounds to mitigate against further compromise.

CVE-2021-35464 was disclosed on 23 June 2021 and affects ForgeRock OpenAM, an open-source access management solution. We have identified a number of Australian organisations that have been compromised through exploitation of this CVE.

The CVE allows malicious actors to remotely execute code on an affected system. We have observed actors exploiting this vulnerability to compromise multiple hosts and deploy additional malware and tools.

Additional information is available from ForgeRock security advisory #202104.

Mitigation

We strongly recommend that Australian organisations urgently:

  • Review their systems and networks for the presence of vulnerable instances of the OpenAM software; and
  • Update to OpenAM version 7 or apply the workaround as identified by the ForgeRock Security Advisory #202104.

If you are unable to upgrade or apply mitigations to your OpenAM instance, we recommend isolating it from the internet or shutting down the server.

Assistance

We are monitoring the situation and are able to provide assistance and advice as required.

Organisations that have been impacted or require assistance can contact the ACSC via 1300 CYBER1 (1300 292 371).

Read this alert on the website: https://www.cyber.gov.au/acsc/view-all-content/alerts/forgerock-open-am-critical-vulnerability

Are you a victim of cybercrime? Visit ReportCyber to take your next steps.

We use hyperlinks to give you more information. If you don’t want to click hyperlinks, you can search for the information on cyber.gov.au.
CONTACT US
Facebook: https://www.facebook.com/cybergovau
Twitter: https://twitter.com/CyberGovAU
Web: www.cyber.gov.au
