Rewterz Threat Alert –ScarCruft APT Targets Security Experts for Gathering Strategic Intelligence – Active IOCs
January 23, 2024Rewterz Threat Advisory – CVE-2024-0769 – D-Link DIR-859 Vulnerability
January 24, 2024Rewterz Threat Alert –ScarCruft APT Targets Security Experts for Gathering Strategic Intelligence – Active IOCs
January 23, 2024Rewterz Threat Advisory – CVE-2024-0769 – D-Link DIR-859 Vulnerability
January 24, 2024Severity
High
Analysis Summary
CVE-2023-5130 CVSS:7.8
Delta Electronics WPLSoft is vulnerable to a buffer overflow, caused by improper bounds checking. By enticing a user to open a specially crafted DVP file, a remote attacker could overflow a buffer and execute arbitrary code on the system.
CVE-2023-5131 CVSS:7.8
Delta Electronics ISPSoft is vulnerable to a heap-based buffer overflow, caused by improper bounds checking. By enticing a user to open a specially crafted DVP file, a remote attacker could overflow a buffer and execute arbitrary code on the system.
Impact
- Gain Access
- Buffer Overflow
Indicators Of Compromise
CVE
- CVE-2023-5130
- CVE-2023-5131
Affected Vendors
Delta
Affected Products
- Delta Electronics WPLSoft 2.42.11
- Delta Electronics ISPSoft 3.02.11
Remediation
Refer to Delta Electronics Website for patch, upgrade or suggested workaround information.