Severity
High
Analysis Summary
CVE-2021-22750
The exploitation of this vulnerability could result in loss of data or remote code execution due to missing length checks when a malicious CGF file is imported to IGSS Definition.
CVE-2021-22751
The exploitation of this vulnerability could result in disclosure of information or execution of arbitrary code due to lack of input validation when a malicious CGF (Configuration Group File) is imported to IGSS Definition.
CVE-2021-22752
The exploitation of this vulnerability could result in loss of data or remote code execution due to missing size checks when a malicious WSP (Workspace) file is being parsed by IGSS Definition.
CVE-2021-22753
The exploitation of this vulnerability could result in loss of data or remote code execution due to missing length checks when a malicious WSP file is being parsed by IGSS Definition.
CVE-2021-22754
The exploitation of this vulnerability could result in loss of data or remote code execution due to a lack of proper validation of user-supplied data when a malicious CGF file is imported to IGSS Definition.
CVE-2021-22755
The exploitation of this vulnerability could result in disclosure of information or remote code execution due to a lack of sanity checks on user-supplied data when a malicious CGF file is imported to IGSS Definition.
CVE-2021-22756
The exploitation of this vulnerability could result in disclosure of information or remote code execution due to a lack of user-supplied data validation when a malicious CGF file is imported to IGSS Definition.
CVE-2021-22757
The exploitation of this vulnerability could result in disclosure of information or remote code execution due to a lack of validation on user-supplied input data when a malicious CGF file is imported to IGSS Definition.
CVE-2021-22758
The exploitation of this vulnerability could result in loss of data or remote code execution due to a lack of validation of user-supplied input data when a malicious CGF file is imported to IGSS Definition.
CVE-2021-22759
The exploitation of this vulnerability could result in loss of data or remote code execution due to the use of unchecked input data when a malicious CGF file is imported to IGSS Definition.
CVE-2021-22760
The exploitation of this vulnerability could result in loss of data or remote code execution due to missing checks of user-supplied input data when a malicious CGF file is imported to IGSS Definition.
CVE-2021-22761
The exploitation of this vulnerability could result in disclosure of information or remote code execution due to a missing length check on user-supplied data when a malicious CGF file is imported to IGSS Definition.
CVE-2021-22762
The exploitation of this vulnerability could result in remote code execution when a malicious CGF or WSP file is being parsed by IGSS Definition.
Impact
- Remote code execution
Affected Vendors
Schneider Electric
Affected Products
- IGSS v15.0.0.21140 and prior
Remediation
Refer to vendor advisory for the complete list of affected products and their respective patches at https://us-cert.cisa.gov/ics/advisories/icsa-21-159-04