Rewterz Threat Alert – MuddyWater Campaign Using ScreenConnect RAT
February 12, 2021Rewterz Threat Advisory – Solarwinds Orion Platform privilege escalation
February 15, 2021Rewterz Threat Alert – MuddyWater Campaign Using ScreenConnect RAT
February 12, 2021Rewterz Threat Advisory – Solarwinds Orion Platform privilege escalation
February 15, 2021Severity
High
Analysis Summary
CVE-2020-13949
Apache Thrift is vulnerable to a denial of service, caused by improper input validation. By sending specially-crafted messages, a remote attacker could exploit this vulnerability to cause a large memory allocation, and results in a denial of service condition.
Impact
Denial of service
Affected Vendors
Apache
Affected Products
Apache Thrift 0.13.0
Remediation
Upgrade to the latest version of Thrift (0.14.0 or later)