Platform
Managed Security Services
Managed Penetration Testing
Rewterz penetration testing services help organizations determine if a cyber attacker can gain access to their critical assets while giving them detailed insights of the overall business impact of a cyber attack.
Resources
September 22, 2023
Severity High Analysis Summary Ducktail Malware is a malicious program designed by hackers to infiltrate computers and networks globally. Ducktail malware is typically delivered through a […]September 22, 2023Severity Medium Analysis Summary First discovered in 2016, Revenge RAT is a remote access trojan (RAT) designed to give an attacker complete control over an infected […]September 22, 2023Severity High Analysis Summary The Konni APT (Advanced Persistent Threat) group is a cyber espionage group that has been active since at least 2014. It is […]Threat Insights
Before Rewterz got its start, the market was in dire need of a specialized and dedicated information security company. It was nearly impossible for businesses to find a trustworthy provider that could truly cover all of their bases. We wanted to meet this need, giving companies across the globe a chance to get ahead while knowing that their data is in good hands.
Connect with Us
Platform
Managed Security Services
Managed Penetration Testing
Rewterz penetration testing services help organizations determine if a cyber attacker can gain access to their critical assets while giving them detailed insights of the overall business impact of a cyber attack.
Resources
September 22, 2023Severity High Analysis Summary Ducktail Malware is a malicious program designed by hackers to infiltrate computers and networks globally. Ducktail malware is typically delivered through a […]September 22, 2023Severity Medium Analysis Summary First discovered in 2016, Revenge RAT is a remote access trojan (RAT) designed to give an attacker complete control over an infected […]September 22, 2023Severity High Analysis Summary The Konni APT (Advanced Persistent Threat) group is a cyber espionage group that has been active since at least 2014. It is […]Threat Insights
Before Rewterz got its start, the market was in dire need of a specialized and dedicated information security company. It was nearly impossible for businesses to find a trustworthy provider that could truly cover all of their bases. We wanted to meet this need, giving companies across the globe a chance to get ahead while knowing that their data is in good hands.
Connect with Us
Rewterz Threat Alert – Here’s The First Known Malware Compromising Cloud Environments Using Windows Containers – Active IOCs
June 8, 2021Rewterz Threat Advisory – CVE-2021-27657 – ICS: Johnson Controls Metasys
June 9, 2021
Severity
High
Analysis Summary
CVE-2021-22750
The exploitation of this vulnerability could result in loss of data or remote code execution due to missing length checks when a malicious CGF file is imported to IGSS Definition.
CVE-2021-22751
The exploitation of this vulnerability could result in disclosure of information or execution of arbitrary code due to lack of input validation when a malicious CGF (Configuration Group File) is imported to IGSS Definition.
CVE-2021-22752
The exploitation of this vulnerability could result in loss of data or remote code execution due to missing size checks when a malicious WSP (Workspace) file is being parsed by IGSS Definition.
CVE-2021-22753
The exploitation of this vulnerability could result in loss of data or remote code execution due to missing length checks when a malicious WSP file is being parsed by IGSS Definition.
CVE-2021-22754
The exploitation of this vulnerability could result in loss of data or remote code execution due to a lack of proper validation of user-supplied data when a malicious CGF file is imported to IGSS Definition.
CVE-2021-22755
The exploitation of this vulnerability could result in disclosure of information or remote code execution due to a lack of sanity checks on user-supplied data when a malicious CGF file is imported to IGSS Definition.
CVE-2021-22756
The exploitation of this vulnerability could result in disclosure of information or remote code execution due to a lack of user-supplied data validation when a malicious CGF file is imported to IGSS Definition.
CVE-2021-22757
The exploitation of this vulnerability could result in disclosure of information or remote code execution due to a lack of validation on user-supplied input data when a malicious CGF file is imported to IGSS Definition.
CVE-2021-22758
The exploitation of this vulnerability could result in loss of data or remote code execution due to a lack of validation of user-supplied input data when a malicious CGF file is imported to IGSS Definition.
CVE-2021-22759
The exploitation of this vulnerability could result in loss of data or remote code execution due to the use of unchecked input data when a malicious CGF file is imported to IGSS Definition.
CVE-2021-22760
The exploitation of this vulnerability could result in loss of data or remote code execution due to missing checks of user-supplied input data when a malicious CGF file is imported to IGSS Definition.
CVE-2021-22761
The exploitation of this vulnerability could result in disclosure of information or remote code execution due to a missing length check on user-supplied data when a malicious CGF file is imported to IGSS Definition.
CVE-2021-22762
The exploitation of this vulnerability could result in remote code execution when a malicious CGF or WSP file is being parsed by IGSS Definition.
Impact
- Remote code execution
Affected Vendors
Schneider Electric
Affected Products
- IGSS v15.0.0.21140 and prior
Remediation
Refer to vendor advisory for the complete list of affected products and their respective patches at https://us-cert.cisa.gov/ics/advisories/icsa-21-159-04