Rewterz Threat Alert – LokiBot – Fresh IOCs
January 13, 2021Rewterz Threat Advisory – CVE-2021-1665 – Microsoft Windows GDI+ code execution
January 13, 2021Rewterz Threat Alert – LokiBot – Fresh IOCs
January 13, 2021Rewterz Threat Advisory – CVE-2021-1665 – Microsoft Windows GDI+ code execution
January 13, 2021Severity
High
Analysis Summary
CVE-2021-21446
SAP NetWeaver AS ABAP is vulnerable to a denial of service, caused by improper input validation. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to crash or flood the service to prevent legitimate users from accessing a service.
Impact
Denial of Service
Affected Vendors
SAP
Affected Products
- SAP NetWeaver AS ABAP 740
- SAP NetWeaver AS ABAP 750
- SAP NetWeaver AS ABAP 751
- SAP NetWeaver AS ABAP 752
- SAP NetWeaver AS ABAP 753
- SAP NetWeaver AS ABAP 754
- SAP NetWeaver AS ABAP 755
Remediation
Refer to vendor advisory for the complete list of affected products and their respective patches.
SAP Security Patch Day – January 2021