Rewterz Threat Advisory – Multiple Dell PowerEdge and Precision Rack Vulnerabilities

Severity

Low

Analysis Summary

CVE-2024-0173 (CVSS: 3.8)

An improper parameter initialization flaw in the BIOS of Dell PowerEdge and Precision Rack systems could allow a local authenticated attacker to obtain sensitive information. By sending a specially crafted request, the attacker could read the contents of non-SMM stack memory and use this information to launch further attacks against the affected system.

CVE-2024-0154 (CVSS: 3.8)

An improper parameter initialization flaw in the BIOS of Dell PowerEdge and Precision Rack systems could allow a local authenticated attacker to obtain sensitive information. By sending a specially crafted request, the attacker could read the contents of non-SMM stack memory and use this information to launch further attacks against the affected system.

Impact

  • Information Disclosure

Indicators Of Compromise

CVE

  • CVE-2024-0173
  • CVE-2024-0154

Affected Vendors

Dell

Affected Products

  • Dell PowerEdge R660
  • Dell PowerEdge R760
  • Dell PowerEdge C6620
  • Dell PowerEdge MX760c
  • Dell PowerEdge R860
  • Dell PowerEdge R960

Remediation

Refer to the Dell Security Advisory for patch, upgrade, or suggested workaround information.

Dell Security Advisory