Rewterz Threat Advisory – Multiple Google Chrome Vulnerabilities
December 8, 2021Rewterz Threat Alert – Emotet – Active IOCs
December 8, 2021Severity
High
Analysis Summary
CVE-2021-40333
This vulnerability is a weak default credential associated with TCP Port 26. Successful exploitation of this vulnerability could allow an attacker to gain unauthorized access to the DCN routing configuration.
CVE-2021-40334
This vulnerability is due to the implementation of the proprietary management protocol (TCP Port 5558), in which if SSH is activated, could cause a disruption to the NMS and NE communication.
CVE-2020-36229
A vulnerability exists in the affected OpenLDAP versions leading to an LDAP service crash in the parsing of a keystring, resulting in a denial-of-service condition.
CVE-2020-36230
A vulnerability exists in the affected OpenLDAP versions leading in an assertion failure in an LDAP service in the parsing of a file, resulting in a denial-of-service condition.
Impact
- Unauthorized Access
Affected Vendors
- Hitachi Energy
Affected Products
- XMC20: All versions prior to R15A
- FOX61x: All versions prior to R15A
- RTU500 Series CMU Firmware Version 12.4.X
- RTU500 Series CMU Firmware Version 12.6.X
- RTU500 Series CMU Firmware Version 12.7.X
- RTU500 Series CMU Firmware Version 13.0.X
- RTU500 Series CMU Firmware Version 13.1.X
- RTU500 Series CMU Firmware Version 13.2.1
Remediation
Refer to CISA Advisory for the patch, upgrade, or suggested workaround information.
Hitachi Energy XMC20 and FOX61x
Hitachi Energy RTU500 OpenLDAP