Rewterz Threat Alert – GuLoader Malspam Campaign – Active IOCs
August 15, 2022Rewterz Threat Alert – DarkCrystal RAT (DCRat) – Active IOCs
August 15, 2022Rewterz Threat Alert – GuLoader Malspam Campaign – Active IOCs
August 15, 2022Rewterz Threat Alert – DarkCrystal RAT (DCRat) – Active IOCs
August 15, 2022Severity
High
Analysis Summary
CVE-2022-34660 CVSS:7.6
Siemens Teamcenter could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by a command injection vulnerability in the File Server Cache service. An attacker could exploit this vulnerability to execute arbitrary commands on the system <with specific privileges if known.
CVE-2022-34661 CVSS:7.5
Siemens Teamcenter is vulnerable to a denial of service, caused by an infinite loop in the File Server Cache service. A remote attacker could exploit this vulnerability to cause a denial of service.
Impact
- Command Execution
- Denial of Service
Indicators Of Compromise
CVE
- CVE-2022-34660
- CVE-2022-34661
Affected Vendors
Siemens
Affected Products
- Siemens Teamcenter 12.4
- Siemens Teamcenter 13.0
- Siemens Teamcenter 13.1
- Siemens Teamcenter 13.2
- Siemens Teamcenter 13.3
- Siemens Teamcenter 14.0
Remediation
Refer to Siemens Security Advisory for patch, upgrade or suggested workaround information.