Trimble warns Cityworks is being abused in RCE attacks
The company released a patch to address the issue
CISA warns users to apply patch as soon as possible
Hackers are hijacking government software to access sensitive servers, experts have warned.
The warning comes from software vendor Trimble, whose product seems to have been used in the attack. In a letter sent to its customers and partners, Trimble said it observed cybercriminals abusing a deserialization vulnerability in its Cityworks product to engage in Remote Code Execution (RCE) and deploy Cobalt Strike beacons on Microsoft Internet Information Services (IIS) servers.