Rewterz Threat Advisory – CVE-2019-1649 – Cisco Secure Boot Hardware Tampering Vulnerability
August 5, 2019Rewterz Threat Alert – Beware of Emails Asking You to “Confirm Your Unsubscribe” Request
August 5, 2019Rewterz Threat Advisory – CVE-2019-1649 – Cisco Secure Boot Hardware Tampering Vulnerability
August 5, 2019Rewterz Threat Alert – Beware of Emails Asking You to “Confirm Your Unsubscribe” Request
August 5, 2019Severity
High
Analysis Summary
PowerShell can potentially execute arbitrary code when running specially named scripts due to trusting unsanitized filenames. This occurs when “.ps1” files contain semicolons “;” or spaces as part of the filename, causing the execution of a different trojan file;or the running of unexpected commands straight from the filename itself without the need for a second file.
Impact
Command execution
Affected Vendors
Microsoft
Affected Products
Windows PowerShell
Remediation
There are no patches/ updates for this product as of yet.