Severity
High
Analysis Summary
CVE-2021-35534
An attacker could exploit this vulnerability by first obtaining the credentials of any account or a session ticket issued for an account. After gaining access via the configuration tool, which uses the proprietary Open Database Connectivity (ODBC) protocol (TCP 2102), the attacker can manipulate the database table to escalate privileges, which then allows unauthorized modification or permanent disabling of the device.
Impact
- Security Bypass
Affected Vendors
- Hitachi Energy
Affected Products
- GMS600: Version 1.2.0
- GMS600: Version 1.3.0
- GMS600: Version 1.3.1.0
- PWC600: Version 1.1.0.0
- PWC600: Version 1.1.0.1
- PWC600: Version 1.0.1.0
- PWC600: Version 1.0.1.1
- PWC600: Version 1.0.1.3
- PWC600: Version 1.0.1.4
- Relion 670/650 series: Version 2.2.0 all revisions
- Relion 670/650/SAM600-IO series: Version 2.2.1 all revisions
- Relion 670 series: Version 2.2.2 all revisions
- Relion 670 series: Version 2.2.3 revisions up to 2.2.3.4
- Relion 670/650 series: Version 2.2.4 all revisions
- Relion 670/650/SAM600-IO series: Version 2.2.5 revisions up to 2.2.5.1
- Relion 670/650 series: Version 2.1 all revisions
- Relion 670 series: Version 2.0 all revisions
- Relion 650 series: Version 1.3 all revisions
- Relion 650 series: Version 1.2 all revisions
- Relion 650 series: Version 1.1 all revisions
- Relion 650 series: Version 1.0 all revisions
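To triage an asset inventory against the list above, the following Python script encodes the affected versions and flags matching devices. It is an added example, not part of the advisory or of any vendor tooling; the product names, the inventory format, and the inclusive reading of "revisions up to" are assumptions.

```python
EXACT, ALL = "exact", "all"
R670, R650, SAM = "Relion 670", "Relion 650", "SAM600-IO"  # assumed inventory names

# Transcribed from the Affected Products list: (products, version, scope).
# scope is EXACT, ALL revisions, or the highest affected revision
# ("up to" is read as inclusive, which is an assumption).
RULES = (
    [({"GMS600"}, v, EXACT) for v in ("1.2.0", "1.3.0", "1.3.1.0")]
    + [({"PWC600"}, v, EXACT) for v in
       ("1.1.0.0", "1.1.0.1", "1.0.1.0", "1.0.1.1", "1.0.1.3", "1.0.1.4")]
    + [({R670, R650}, v, ALL) for v in ("2.2.0", "2.2.4", "2.1")]
    + [({R670, R650, SAM}, "2.2.1", ALL), ({R670, R650, SAM}, "2.2.5", "2.2.5.1")]
    + [({R670}, "2.2.2", ALL), ({R670}, "2.2.3", "2.2.3.4"), ({R670}, "2.0", ALL)]
    + [({R650}, v, ALL) for v in ("1.3", "1.2", "1.1", "1.0")]
)

def parse(version):
    """'2.2.3.4' -> (2, 2, 3, 4); raises ValueError on non-numeric parts."""
    return tuple(int(part) for part in version.strip().split("."))

def is_affected(product, version):
    ver = parse(version)
    for products, base, scope in RULES:
        if product not in products:
            continue
        pre = parse(base)
        if scope == EXACT:
            if ver == pre:  # GMS600/PWC600 entries name single versions
                return True
        elif ver[:len(pre)] == pre and (scope == ALL or ver <= parse(scope)):
            return True
    return False

def triage(inventory):
    """Return names of assets whose product/version is on the affected list."""
    return [name for name, product, version in inventory
            if is_affected(product, version)]

INVENTORY = [  # constructed sample: (asset name, product, firmware version)
    ("relay-01", "Relion 670", "2.2.3.4"),  # at the listed upper revision
    ("relay-02", "Relion 670", "2.2.3.5"),  # above the listed range
    ("relay-03", "Relion 650", "2.2.2.1"),  # 2.2.2 is listed for 670 only
    ("io-01", "SAM600-IO", "2.2.5.1"),
    ("gms-01", "GMS600", "1.3.0"),
    ("pwc-01", "PWC600", "1.0.1.2"),        # not among the listed versions
]

if __name__ == "__main__":
    print(triage(INVENTORY))
```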
Remediation
Refer to the CISA advisory for patch, upgrade, or suggested workaround information.