Rewterz

Rewterz Threat Advisory – Trend Micro OfficeScan XG Security Bypass Vulnerability

March 28, 2019
Rewterz

Rewterz Threat Advisory – CVE-2017-3823 Cisco WebEx Browser Extension Remote Code Execution Vulnerability

March 29, 2019

CVE-2018-19282 Rockwell Automation PowerFlex 525 AC Drives

Severity

Medium

Analysis Summary

A remote, unauthenticated threat actor can repeatedly send specific CIP packets to an affected PowerFlex 525 drive, which may allow disruption of the availability of the device.

Impact

  • Resource exhaustion
  • Denial of service
  • Memory corruption

Affected Vendors

Rockwell Automation

Affected Products

PowerFlex 525 AC Drives

Remediation

Vendor has released the patch/ firmware to address this vulnerability.  Download the latest version of the firmware from:

https://compatibility.rockwellautomation.com/Pages/MultiProductDownload.aspx?Keyword=25B&crumb=112

Reading this advisory was a good start.

Make it a habit.

Rewterz publishes threat advisories ahead of mainstream cybersecurity media, informed by an AI-Native Autonomous SOC that sees regional threat actor activity in real time. Subscribe to receive each new advisory as it publishes, plus a monthly Middle East threat landscape brief drawn from our own SOC telemetry. For teams evaluating their detection coverage, a 30-minute consultation with a senior analyst is also available, at your pace, when you're ready.