• Services
    • Asses
      • Compromise Assessment
      • APT Assessment
      • Penetration Testing
      • Secure Architecture Design & Review
      • Red Team Assessment
      • Purple Team Assessment
      • Social Engineering
      • Source Code Review
    • Transform
      • SOC Consultancy
      •     SOC Maturity Assessment
      •     SOC Model Evaluation
      •     SOC Gap Analysis
      •     SIEM Gap Analysis
      •     SIEM Optimization
      •     SOC Content Pack
    • Train
      • Security Awareness and Training
      • Tabletop Exercise
      • Simulated Cyber Attack Exercises
    • Respond
      • Incident Response
      • Incident Analysis
  • Managed Security
    • Managed Security Monitoring
      • Remote SOC
      • Onsite SOC
      • Hybrid SOC
    • Managed Security Services
      • Managed Detection and Response
      • Managed Endpoint Detection and Response
      • Managed Threat Intelligence
      • Managed Threat Hunting
      • Managed Risk-Based SOAR
      • Managed Penetration Testing
  • Solutions
  • Resources
    • Blog
    • Threat Advisory
  • Company
    • About Us
    • Careers
    • Contact
Rewterz Threat Alert – BEC Scam Harvesting Data for Financial Crime
November 6, 2020
Rewterz Threat Advisory – CVE-2020-27694 – Trend Micro InterScan Messaging Virtual Appliance
November 6, 2020

Rewterz Threat Advisory – ICS:Mitsubishi Electric GT14 Model of GOT1000 Series

November 6, 2020

Severity

High

Analysis Summary

CVE-2020-5644 

The affected product has a memory corruption vulnerability, which may allow an attacker to send a specially crafted packet that may result in a denial-of-service condition or code execution.

CVE-2020-5645

The affected product has a session fixation vulnerability, which may allow an attacker to send a specially crafted packet that may result in a denial-of-service condition.

CVE-2020-5646

The affected product has a NULL pointer dereference vulnerability, which may allow an attacker to send a specially crafted packet that may result in a denial-of-service condition.

CVE-2020-5647

The affected product has an access control issue, which may allow an attacker to send a specially crafted packet that may result in a denial-of-service condition or code execution.

CVE-2020-5648

The affected product is vulnerable to an argument injection, which may allow an attacker to send a specially crafted packet that may result in a denial-of-service condition or code execution.

CVE-2020-5649 

The affected product has a resource management issue, which may allow an attacker to send a specially crafted packet that may result in a denial-of-service condition.

Impact

Denial of service

Affected Vendors

Mitsubishi Electric

Affected Products

GT14 model of GOT1000 Series

Remediation

Refer to ICS advsory for the complete list of affected products and their respective patches.

https://us-cert.cisa.gov/ics/advisories/icsa-20-310-02

  • Services
    • Asses
      • Compromise Assessment
      • APT Assessment
      • Penetration Testing
      • Secure Architecture Design & Review
      • Red Team Assessment
      • Purple Team Assessment
      • Social Engineering
      • Source Code Review
    • Respond
      • Incident Response
      • Incident Analysis
  • Transform
    • SOC Consultancy
    •     SOC Maturity Assessment
    •     SOC Model Evaluation
    •     SOC Gap Analysis
    •     SIEM Gap Analysis
    •     SIEM Optimization
    •     SOC Content Pack
  • Train
    • Security Awareness and Training
    • Tabletop Exercise
    • Simulated Cyber Attack Exercises
  • Managed Security
    • Managed Security Monitoring
      • Remote SOC
      • Onsite SOC
      • Hybrid SOC
    • Managed Security Services
      • Managed Detection and Response
      • Managed Endpoint Detection and Response
      • Managed Threat Intelligence
      • Managed Threat Hunting
      • Managed Risk-Based SOAR
      • Managed Penetration Testing
  • Solutions
  • Resources
    • Blog
    • Threat Advisory
  • Company
    • About Us
    • Careers
    • Contact
COPYRIGHT © REWTERZ. ALL RIGHTS RESERVED.