Rewterz Threat Alert – Trickbot – IOCs
May 29, 2020Rewterz Threat Advisory – Cisco Products Affected by SaltStack FrameWork Vulnerabilities
May 29, 2020Rewterz Threat Alert – Trickbot – IOCs
May 29, 2020Rewterz Threat Advisory – Cisco Products Affected by SaltStack FrameWork Vulnerabilities
May 29, 2020Severity
High
Analysis Summary
Trend Micro InterScan Web Security Virtual Appliance could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an error within the LogSettingHandler class. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system with root privileges.
Impact
Execution of arbitrary code
Affected Vendors
Trend Micro
Affected Products
Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5
Remediation
Refer to Trend Micro Security Bulletin: 000253095 for patch, upgrade or suggested workaround information.