Rewterz Threat Alert – Dridex Banking Trojan – Active IOCs
August 10, 2021Rewterz Threat Advisory –Multiple Dell EMC Connectrix B-Series Security Vulnerabilities
August 11, 2021Severity
High
Analysis Summary
CVE-2020-8670
A race condition in the firmware for some Intel processors may allow a privileged user to enable escalation of privilege via local access.
CVE-2020-8703
Improper buffer restrictions in a subsystem in the Intel CSME versions prior to 11.8.86, 11.12.86, 11.22.86, 12.0.81, 13.0.47, 13.30.17, 14.1.53, 14.5.32, and 15.0.22 may allow a privileged user to enable escalation of privilege via local access.
CVE-2020-8704
A race condition in a subsystem in the Intel LMS versions prior to 2039.1.0.0 may allow a privileged user to enable escalation of privilege via local access.
CVE-2020-12357
Improper initialization in the firmware for some Intel processors may allow a privileged user to enable escalation of privilege via local access.
CVE-2020-12358
An out-of-bounds write in the firmware for some Intel processors may allow a privileged user to cause a denial-of-service condition via local access.
CVE-2020-12360
An out-of-bounds read in the firmware for some Intel processors may allow an authenticated user to enable an escalation of privilege via local access.
CVE-2020-24486
Improper input validation in the firmware for some Intel processors may allow an authenticated user to potentially enable a denial of service via local access.
CVE-2020-24506
Out-of-bounds read in a subsystem in the Intel CSME versions prior to 12.0.81, 13.0.47, 13.30.17, 14.1.53, and 14.5.32 may allow a privileged user to enable information disclosure via local access.
CVE-2020-24507
Improper initialization in a subsystem in the Intel CSME versions prior 11.8.86, 11.12.86, 11.22.86, 12.0.81, 13.0.47, 13.30.17, 14.1.53, 14.5.32, 13.50.11, and 15.0.22 may allow a privileged user to enable information disclosure via local access.
CVE-2020-24511
Improper isolation of shared resources in some Intel processors may allow an authenticated user to enable information disclosure via local access.
CVE-2020-24512
An observable timing discrepancy in some Intel processors may allow an authenticated user to enable information disclosure via local access.
CVE-2020-24513
A domain-bypass transient execution vulnerability in some Intel Atom processors may allow an authenticated user to enable information disclosure via local access.
Impact
- Denial of Services
- Information Disclosure
- Unauthorized Access
- Privilege Escalation
- Configuration change.
Affected Vendors
- Siemens
Affected Products
- SIMATIC Drive Controller Family: All versions
- SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants): All versions
- SIMATIC Field PG M5: All versions
- SIMATIC Field PG M6: All versions
- SIMATIC IPC127E: All versions
- SIMATIC IPC427E: All versions
- SIMATIC IPC477E: All versions
- SIMATIC IPC477E Pro: All versions
- SIMATIC IPC527GE: All versions
- SIMATIC IPC547G: All versions
- SIMATIC IPC627E: All versions
- SIMATIC IPC647E: All versions
- SIMATIC IPC677E: All versions
- SIMATIC IPC847E: All BIOS versions prior to v25.02.10
- SIMATIC ITP1000: All versions
- SIMATIC S7-1500 CPU 1518F-4 PN-DP MFP (MLFB: 6ES7518-4FX00-1AC0): All versions
- SINUMERIK 828D HW PPU.4: All versions
- SINUMERIK MC MCU 1720: All versions
- SINUMERIK ONE /
- SINUMERIK 840D sl Handheld Terminal HT 10: All versions
- SINUMERIK ONE PPU 1740: All versions
- SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (MLFB: 6ES7518-4AX00-1AC0 6AG1518-4AX00-4AC0 incl. SIPLUS variant): All versions
Remediation
Refer to vendor advisory for the complete list of affected products and their respective patches at
https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf