Rewterz

Rewterz Threat Advisory – CVE-2021-26354 – Multiple AMD Chipsets Vulnerability

Severity

Medium

Analysis Summary

CVE-2021-26354

Multiple AMD chipsets could allow a local attacker to bypass security restrictions because of improper bounds checking in the AMD Secure Processor (ASP). By issuing a specially crafted system call from a compromised AGESA Boot Loader (ABL), an attacker could exploit this vulnerability to cause arbitrary memory values to be initialized to zero.

Impact

  • Security Bypass

Indicators Of Compromise

CVE

  • CVE-2021-26354

Affected Vendors

AMD

Affected Products

  • AMD Ryzen 1000 series Processor
  • AMD 1st Generation EPYC
  • AMD Athlon 3000 Series
  • AMD Ryzen 2000 Series processors
  • AMD Ryzen Threadripper 2nd gen processors
  • AMD Ryzen 5000 Series Mobile Processors with Radeon Graphics
  • AMD Ryzen 3000 Series Mobile Processors with Radeon Graphics

Remediation

Refer to AMD Security Advisory for patch, upgrade or suggested workaround information.

AMD Security Advisory 3001

AMD Security Advisory 4001
