This alert has been written primarily for, but is not limited to, business and government. This alert is intended for a technical audience.
Background
MongoDB has identified a vulnerability in their MongoDB server product, CVE-2025-14847.
The vulnerability (CVE-2025-14847) in MongoDB’s zlib implementation permits unauthenticated remote exploitation, leading to possible remote extraction of sensitive data from MongoDB server memory without requiring login credentials.
ASD’s ACSC is aware of active global exploitation of this vulnerability.
ASD’s ACSC recommends that organisations take immediate action to mitigate affected products, apply the latest patches and investigate for potential compromise.
The vulnerability impacts the following MongoDB versions:
- MongoDB 8.2.0 through 8.2.3
- MongoDB 8.0.0 through 8.0.16
- MongoDB 7.0.0 through 7.0.26
- MongoDB 6.0.0 through 6.0.26
- MongoDB 5.0.0 through 5.0.31
- MongoDB 4.4.0 through 4.4.29
- All MongoDB Server v4.2 versions
- All MongoDB Server v4.0 versions
- All MongoDB Server v3.6 versions
Mitigation advice
Australian organisations should review their networks and environments for use of vulnerable versions of the MongoDB servers, and consult the MongoDB statement and the OX Security blog for mitigation advice and patching.
Organisations should also investigate for any unauthorised access or compromise of affected products.
Where to get help
Organisations that have been impacted, suspect impact or require advice and assistance can contact us via 1300 CYBER1 (1300 292 371).