Rewterz Threat Alert – Emotet Malware Steals Email Attachments to Attack Contacts
July 29, 2020Rewterz Threat Advisory – CVE-2020-14498 – ICS: HMS Industrial Networks eCatcher
July 29, 2020Rewterz Threat Alert – Emotet Malware Steals Email Attachments to Attack Contacts
July 29, 2020Rewterz Threat Advisory – CVE-2020-14498 – ICS: HMS Industrial Networks eCatcher
July 29, 2020Severity
Medium
Analysis Summary
CVE-2020-10597
Multiple out-of-bounds read vulnerabilities may be exploited by processing specially crafted project files, which may allow an attacker to read information and/or crash the application.
CVE-2020-14482
Opening a specially crafted project file may overflow the heap, which may allow remote code execution, disclosure/modification of information, or cause the application to crash.
Impact
- Information disclosure
- Application crash
Affected Vendors
Delta Electronics
Affected Products
DOPSoft Version 4.00.08.15 and prior
Remediation
Update to the latest version of DOPSoft v4.00.08.21