Rewterz Threat Alert – Unveiling the Attacks by White Elephant Group: Exploiting BADNEWS and Remcos Commercial Trojans – Active IOCs
June 17, 2023Rewterz Threat Alert – North Korean APT Kimsuky Aka Black Banshee – Active IOCs
June 19, 2023Rewterz Threat Alert – Unveiling the Attacks by White Elephant Group: Exploiting BADNEWS and Remcos Commercial Trojans – Active IOCs
June 17, 2023Rewterz Threat Alert – North Korean APT Kimsuky Aka Black Banshee – Active IOCs
June 19, 2023Severity
High
Analysis Summary
CVE-2023-1437
Advantech WebAccess/SCADA could allow a remote attacker to execute arbitrary commands on the system, caused by a flaw with the use of untrusted pointers. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary commands and overwrite files.
Impact
- Command Execution
Indicators Of Compromise
CVE
- CVE-2023-1437
Affected Vendors
Advantech
Affected Products
- Advantech WebAccess/SCADA 9.1.3
Remediation
Upgrade to the latest version of WebAccess/SCADA, available from the Advantech Web site.