Rewterz Threat Alert – APT34 (OilRig) – IOCs
April 28, 2021Rewterz Threat Advisory – CVE-2021-1489 – Cisco Firepower Device Manager (FDM) Software denial of service
April 29, 2021Rewterz Threat Alert – APT34 (OilRig) – IOCs
April 28, 2021Rewterz Threat Advisory – CVE-2021-1489 – Cisco Firepower Device Manager (FDM) Software denial of service
April 29, 2021Severity
Medium
Analysis Summary
CVE-2021-2321
Oracle VirtualBox could allow a local authenticated attacker to obtain sensitive information, caused by an out-of-bounds read flaw in the implementation of the e1000 virtual network adapter. By sending a specially-crafted request, an attacker could exploit this vulnerability to read past the end of an allocated buffer, and use this information to launch further attacks against the affected system.
Impact
Information Disclosure
Affected Vendors
Oracle
Affected Products
Oracle VM VirtualBox 6.1.19
Remediation
Refer to Oracle Critical Patch Update Advisory – April 2021 for patch, upgrade or suggested workaround information.