Rewterz Threat Advisory – ICS: VISAM VBASE Editor Vulnerabilities
November 10, 2021Rewterz Threat Alert – IcedID banking Trojan – Active IOCs
November 10, 2021Rewterz Threat Advisory – ICS: VISAM VBASE Editor Vulnerabilities
November 10, 2021Rewterz Threat Alert – IcedID banking Trojan – Active IOCs
November 10, 2021Severity
High
Analysis Summary
CVE-2021-3091
The affected product fails to properly validate the contents of an imported project file, which may make the product vulnerable to a path traversal payload. This vulnerability may allow an attacker to plant files on the file system in arbitrary locations or overwrite existing files, resulting in remote code execution.
Impact
- Remote Code Execution
Affected Vendors
- mySCADA
Affected Products
- myDESIGNER: Versions 8.20.0 and prior
Remediation
Refer to CISA Advisory for the patch, upgrade, or suggested workaround information.