Rewterz Threat Advisory – CVE-2022-30136 – Microsoft Windows Network File System Vulnerability

July 20, 2022

Rewterz Threat Alert – STOP/DJVU Ransomware – Active IOCs

July 20, 2022

Rewterz Threat Advisory – CVE-2022-21505 – Linux Kernel Lockdown feature Vulnerability

July 20, 2022

Severity

Medium

Analysis Summary

CVE-2022-21505

Linux Kernel could allow a local authenticated attacker to bypass security restrictions, caused by a flaw when Secure Boot is disabled or unavailable. By sending a specially-crafted request to add ima_appraise=log to the kernel command line, an attacker could exploit this vulnerability to bypass the Lockdown protection feature.

Impact

Security Bypass

Indicators Of Compromise

CVE

CVE-2022-21505

Affected Vendors

Linux

Affected Products

Linux Kernel

Remediation

Refer to Linux Kernel Website for patch, upgrade or suggested workaround information.

Linux Kernel Website

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

GitHub Tools Deployed in CrazyHunter Ransomware Campaigns – Active IOCs

North Korean APT Kimsuky aka Black Banshee – Active IOCs

Sophisticated BPFDoor Malware Detected Targeting Linux Systems – Active IOCs

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Rewterz Threat Advisory – CVE-2022-30136 – Microsoft Windows Network File System Vulnerability

Rewterz Threat Alert – STOP/DJVU Ransomware – Active IOCs

The Wait Is Over!

The Rewterz Annual Threat Intelligence Report 2024 is finally here.