Rewterz Threat Advisory – CVE-2021-38934 – IBM Engineering Test Management Vulnerability
August 30, 2022Rewterz Threat Alert – IcedID banking Trojan – Active IOCs
August 30, 2022Rewterz Threat Advisory – CVE-2021-38934 – IBM Engineering Test Management Vulnerability
August 30, 2022Rewterz Threat Alert – IcedID banking Trojan – Active IOCs
August 30, 2022Severity
High
Analysis Summary
CVE-2021-38406
Delta Electronics DOPSoft could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds write when parsing specific project files. By persuading a victim to open a specially crafted project file, an attacker could exploit this vulnerability to execute arbitrary code on the system.
Impact
- Cross-Site Scripting
Indicators Of Compromise
CVE
- CVE-2021-38406
Affected Vendors
Delta Electronics
Affected Products
- Delta Electronics DOPSoft 2.00.07
- Delta Electronics DOPSoft 2.00.06
- Delta Electronics DOPSoft 2.00.05
- Delta Electronics DOPSoft 2.00.04
Remediation
Refer to Delta Security Advisory for the patch, upgrade, or suggested workaround information.