Rewterz Threat Advisory – Multiple Apache Zeppelin Vulnerabilities
September 3, 2021Rewterz Threat Alert –GandCrab Ransomware – Active IOCs
September 3, 2021Rewterz Threat Advisory – Multiple Apache Zeppelin Vulnerabilities
September 3, 2021Rewterz Threat Alert –GandCrab Ransomware – Active IOCs
September 3, 2021Severity
High
Analysis Summary
CVE-2021-3156
Under specific circumstances, a local attacker could exploit this vulnerability to obtain superuser access to the underlying Linux operating system.
Impact
- Unauthorized Access
Affected Vendors
Johnson Controls
Affected Products
- Pro Gen 3 All versions prior to 2.8.0
- Flex Gen 2 All versions prior to 1.9.4
- Pro 2 All versions
- Insight All versions prior to 1.4.0
Remediation
Refer to CISA Advisory for the patch, upgrade, or suggested workaround information.