Rewterz Threat Advisory – ICS: Schneider Electric IGSS SCADA Software
March 12, 2021Rewterz Threat Alert – Purchase Order Malspam Delivers NanoCore RAT
March 12, 2021Rewterz Threat Advisory – ICS: Schneider Electric IGSS SCADA Software
March 12, 2021Rewterz Threat Alert – Purchase Order Malspam Delivers NanoCore RAT
March 12, 2021Severity
Medium
Analysis Summary
CVE-2021-25673
An attacker with local access to the system could cause a denial-of-service condition in the application when it is used to open a specially crafted file. As a result, the application could enter an infinite loop, become unresponsive, and must be restarted to restore the service.
CVE-2021-25674
An attacker with local access to the system could cause a denial-of-service condition in the application when it is used to open a specially crafted file. As a result, a NULL pointer deference condition could cause the application to terminate unexpectedly and must be restarted to restore the service.
CVE-2021-25675
An attacker with local access to the system could cause a denial-f-service condition in the application when it is used to open a specially crafted file. As a result, a divide by zero operation could occur and cause the application to terminate unexpectedly and must be restarted to restore the service.
Impact
Denial of service
Affected Vendors
Siemens
Affected Products
SIMATIC S7-PLCSIM v5.4
Remediation
Refer to ICS advisory for the complete list of affected products and their respective patches.