Rewterz

Rewterz Threat Alert – Phishing Campaign targeting Bank Employees in Pakistan forging Zimbra

March 27, 2019
Rewterz

Rewterz Threat Advisory – Trend Micro OfficeScan XG Security Bypass Vulnerability

March 28, 2019

Rewterz Threat Advisory – CVE-2019-6569 SIEMENS SCALANCE X – Expected Behavior Violation

Severity

Medium

Analysis Summary

CVE-2019-6569

The monitor barrier of the affected products insufficiently blocks data from being forwarded over the mirror port and into the mirrored network. An attacker could exploit this vulnerability to transmit malicious packets to systems in the mirrored network to influence their configuration and runtime behavior.
This vulnerability could be exploited by an attacker with network access to the traffic-receiving network. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise the confidentiality and availability of the traffic-generating network.

Impact

Feed data over a mirror port and into the mirrored network.

Affected Vendors

Siemens

Affected Products

SCALANCE X

Remediation

To reduce the risk of the vulnerability, vendor has identified the following workaround/mitigation.

Update to v4.1:  https://support.industry.siemens.com/cs/ww/en/view/109762982 

Reading this advisory was a good start.

Make it a habit.

Rewterz publishes threat advisories ahead of mainstream cybersecurity media, informed by an AI-Native Autonomous SOC that sees regional threat actor activity in real time. Subscribe to receive each new advisory as it publishes, plus a monthly Middle East threat landscape brief drawn from our own SOC telemetry. For teams evaluating their detection coverage, a 30-minute consultation with a senior analyst is also available, at your pace, when you're ready.