Rewterz Threat Advisory – Multiple Google Chrome Vulnerabilities
October 8, 2021Rewterz Threat Advisory – ICS: Mitsubishi Electric MELSEC iQ-R Series C Controller Module
October 8, 2021Rewterz Threat Advisory – Multiple Google Chrome Vulnerabilities
October 8, 2021Rewterz Threat Advisory – ICS: Mitsubishi Electric MELSEC iQ-R Series C Controller Module
October 8, 2021Severity
High
Analysis Summary
CVE-2021-27665
The affected product is vulnerable to an integer overflow vulnerability, which may allow an attacker to cause a denial-of-service condition.
CVE-2021-27664
The software does not properly assign, modify, track, or check privileges. This could allow unauthenticated users access to credentials stored in the exacqVision Server.
Impact
- Denial of Service
- Credential Theft
Affected Vendors
- Exacq Technologies
Affected Products
- exacqVision Server 32-bit: Versions 21.06.11.0 and prior
- exacqVision Web Service Version 21.06.11.0 or older
Remediation
Refer to US-CERT Advisory for patch, upgrade, or suggested workaround information.
Refer to US-CERT Advisory for patch, upgrade, or suggested workaround information.