Severity
High
Analysis Summary
CVE-2020-15795
The DNS domain name label parsing functionality does not properly validate the names in DNS responses. Parsing a malformed response could result in a write past the end of an allocated structure. An attacker with a privileged position in the network could exploit the vulnerability to cause a denial-of-service condition or execute code in the context of the current process.
CVE-2020-27009
The DNS domain name record decompression functionality does not properly validate pointer offset values. Parsing a malformed response could result in a write past the end of an allocated structure. An attacker with a privileged position in the network could exploit the vulnerability to cause a denial-of-service condition or execute code in the context of the current process.
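The two checks described above (label lengths and compression pointer offsets), shown in a bounds-checked DNS name decoder. This is an added example, not Siemens or Nucleus code; `dns_read_name`, `sample_msg` and the jump limit of 16 are assumptions made for illustration.

```c
#include <stdint.h>
#include <string.h>

#define DNS_MAX_TEXT 253  /* longest dotted form of a 255-byte encoded name */

/* Constructed sample: 12-byte header, "example.com" at offset 12,
 * "www" + pointer to 12 at offset 25, self-pointer at 31, cut label at 33. */
static const uint8_t sample_msg[] = {
    0,0,0,0,0,0,0,0,0,0,0,0,
    7,'e','x','a','m','p','l','e', 3,'c','o','m', 0,
    3,'w','w','w', 0xC0,0x0C,  0xC0,0x1F,  0x3F };

/* Decode name at msg[off] into out (dotted text); returns length or -1. */
int dns_read_name(const uint8_t *msg, size_t msg_len, size_t off,
                  char *out, size_t out_cap)
{
    size_t w = 0;      /* bytes written to out */
    int jumps = 0;     /* compression pointers followed */
    if (out_cap == 0) return -1;
    for (;;) {
        if (off >= msg_len) return -1;             /* length byte in bounds */
        uint8_t len = msg[off];
        if ((len & 0xC0) == 0xC0) {                /* compression pointer */
            if (off + 1 >= msg_len) return -1;     /* second byte in bounds */
            size_t target = ((size_t)(len & 0x3F) << 8) | msg[off + 1];
            /* Backward jumps only, and a capped number of them. */
            if (target >= off || ++jumps > 16) return -1;
            off = target;
            continue;
        }
        if (len & 0xC0) return -1;                 /* reserved label types */
        if (len == 0) break;                       /* root label ends name */
        if (off + 1 + len > msg_len) return -1;    /* label inside message */
        size_t need = (w ? 1 : 0) + len;           /* separator + label */
        if (w + need > DNS_MAX_TEXT || w + need + 1 > out_cap) return -1;
        if (w) out[w++] = '.';
        memcpy(out + w, msg + off + 1, len);
        w += len;
        off += 1 + (size_t)len;
    }
    out[w] = '\0';
    return (int)w;
}

int main(void)
{
    char name[DNS_MAX_TEXT + 1];
    int n = dns_read_name(sample_msg, sizeof sample_msg, 25, name, sizeof name);
    return n == 15 ? 0 : 1;
}
```

Every copy is checked against both the message length and the output capacity before it happens, so a malformed label or pointer produces an error return instead of a write past the destination buffer.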
Impact
- Denial-of-service
- Remote code execution
Affected Vendors
Siemens
Affected Products
- Nucleus NET: All versions prior to v5.2
- Nucleus RTOS
- Nucleus Source Code
- Nucleus VSTAR
Remediation
Refer to the ICS advisory for the complete list of affected products, mitigation methods, and their respective patches. https://us-cert.cisa.gov/ics/advisories/icsa-21-103-04