Rewterz Threat Alert – LokiBot Malware – IOCs
August 4, 2020Rewterz Threat Advisory – CVE-2020-4631 – IBM Spectrum Protect Plus
August 5, 2020Rewterz Threat Alert – LokiBot Malware – IOCs
August 4, 2020Rewterz Threat Advisory – CVE-2020-4631 – IBM Spectrum Protect Plus
August 5, 2020Severity
Medium
Analysis Summary
CVE-2020-16199
Multiple stack-based buffer overflow vulnerabilities may be exploited by processing specially crafted project files, which may allow an attacker to read/modify information, execute arbitrary code, and/or crash the application.
CVE-2020-16201
Multiple out-of-bounds read vulnerabilities may be exploited by processing specially crafted project files, which may allow an attacker to read information.
CVE-2020-16203
An uninitialized pointer may be exploited by processing a specially crafted project file. Successful exploitation of this vulnerability may allow an attacker to read/modify information, execute arbitrary code, and/or crash the application.
Impact
- Application crash
- Execution of arbitrary code
Affected Vendors
Delta Electronics
Affected Products
Industrial Automation CNCSoft ScreenEditor Versions 1.01.23 and prior
Remediation
Delta Electronics recommends the following:
Update to the latest version of CNCSoft ScreenEditor Version 1.01.26