

Rewterz Threat Alert – Cardinal RAT Resurfaces with Fresher Attacks
March 20, 2019
Rewterz Threat Alert – Ransomware LockerGoga Hits HYDRO via Active Directory
March 21, 2019
Rewterz Threat Alert – Cardinal RAT Resurfaces with Fresher Attacks
March 20, 2019
Rewterz Threat Alert – Ransomware LockerGoga Hits HYDRO via Active Directory
March 21, 2019Severity
Medium
Analysis Summary
The uncontrolled search path element vulnerability allows an attacker to load and execute a malicious file from the ux32w.dll in third-party component Sentinel UltraPro.
Impact
Load and execute malicious file
Affected Products
InduSoft Web Studio versions prior to v8.1 SP3
InTouch Edge HMI versions prior to 2017 Update 3
Remediation
Vendor recommends that users upgrade to the latest versions located the following links.
InduSoft Web Studio v8.1 SP3
http://download.indusoft.com/81.3.0/IWS81.3.0.zip
InTouch Edge HMI 2017 Update 3
https://softwaresupportsp.schneider-electric.com/#/producthub/details?id=52354