Rewterz Threat Advisory – ICS: Schneider Electric EcoStruxure Operator Terminal Expert runtime
December 2, 2020Rewterz Threat Alert – Malicious NPM Packages Install njRAT
December 2, 2020Rewterz Threat Advisory – ICS: Schneider Electric EcoStruxure Operator Terminal Expert runtime
December 2, 2020Rewterz Threat Alert – Malicious NPM Packages Install njRAT
December 2, 2020Severity
High
Analysis Summary
CVE-2020-14305
Linux Kernel could allow a remote attacker to gain elevated privileges on the system, caused by an out-of-bounds memory write flaw in how the Voice Over IP H.323 connection tracking functionality handled connections on ipv6 port 1720. An attacker could exploit this vulnerability to gain elevated privileges on the system.
Impact
Privilege escalation
Affected Vendors
Linux
Affected Products
Linux Kernel
Remediation
Update to latest version.