March 22, 2024
Severity High Analysis Summary Ducktail Malware is a malicious program designed by hackers to infiltrate computers and networks globally. Ducktail malware is typically delivered through a […]
Rewterz Threat Alert – Sugar Ransomware – Active IOCs
February 3, 2022
Rewterz Threat Alert – CoinStomp Malware – Active IOCs
February 3, 2022
Rewterz Threat Alert – Sugar Ransomware – Active IOCs
February 3, 2022
Rewterz Threat Alert – CoinStomp Malware – Active IOCs
February 3, 2022
Severity
High
Analysis Summary
CVE-2021-38389
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the handling of IOCTL 0x1138B. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of Administrator.
CVE-2021-33023
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the handling of IOCTL 0x2722. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of Administrator.
Impact
- Remote Code Execution
Affected Vendors
- Advantech
Affected Products
- WebAccess/SCADA
Remediation
Visit the vendor website to update patches: