Rewterz Threat Alert – Oski Data Stealer Malware – Active IOCs
June 9, 2021Rewterz Threat Advisory – Multiple Microsoft SharePoint Vulnerabilities
June 9, 2021Rewterz Threat Alert – Oski Data Stealer Malware – Active IOCs
June 9, 2021Rewterz Threat Advisory – Multiple Microsoft SharePoint Vulnerabilities
June 9, 2021Severity
High
Analysis Summary
CVE-2021-31342
The ugeom2d.dll library lacks proper validation of user-supplied data when parsing DFT files. This could result in an out-of-bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process.
CVE-2021-31343
The jutil.dll library lacks proper validation of user-supplied data when parsing DFT files. This could result in an out-of-bounds write past the end of an allocation structure. An attacker could leverage this vulnerability to execute code in the context of the current process.
CVE-2021-31340
Affected devices do not properly handle large numbers of incoming connections. An attacker may leverage this to cause a denial-of-service condition. Successful exploitation of this vulnerability could allow an unauthorized attacker to crash the OPC UA service of the affected devices.
CVE-2021-33712
The configuration of the SAML module does not properly check various restrictions and validations imposed by an identity provider, which may allow a remote authenticated attacker to escalate privileges. Successful exploitation of this vulnerability could allow an attacker to escalate privileges.
Impact
- Arbitrary Code Execution
- Uncontrolled Resource Consumption
- Privilege Escalation
Affected Vendors
Siemens
Affected Products
- Solid Edge SE2021 – All versions before SE2021MP5
- SIMATIC RF360R all versions
- Mendix SAML Module: All versions prior to 2.1.2
Remediation
Refer to vendor advisory for the complete list of affected products and their respective patches at https://new.siemens.com/global/en/products/automation/topic-areas/industrial-security.html