Rewterz Threat Advisory – ICS: Tridium Niagara Information Disclosure Vulnerabilities

Rewterz Threat Advisory – Multiple Vulnerabilities in Google Chrome

September 20, 2019

Rewterz Threat Alert – Emotet – Indicators of Compromise

September 20, 2019

Rewterz Threat Advisory – ICS: Tridium Niagara Information Disclosure Vulnerabilities

Severity

Medium

Analysis Summary

CVE-2019-8998

The QNX procfs service provides access to various process information and assets, which could allow a less privileged process to gain access to a target address space.

CVE-2019-13528

A specific utility may allow an attacker to gain read access to privileged files.

Impact

Information Exposure
Improper Authorization

Affected Vendors

Tridium

Affected Products

Niagara AX 3.8u4
Niagara 4.4u3
Niagara 4.7u1

Remediation

Tridium has released updates for the following products:

Niagara AX 3.8u4:
- OS Dist: 2.7.402.2
- NRE Config Dist: 3.8.401.1
Niagara 4.4u3:
- OS Dist: 4.4.73.38.1 NRE Config
- Dist: 4.4.94.14.1
Niagara 4.7u1:
- OS Dist: (JACE 8000) 4.7.109.16.1
- OS Dist (Edge 10): 4.7.109.18.1
- NRE Config Dist: 4.7.110.32.1

Rewterz Threat Advisory – Multiple Vulnerabilities in Google Chrome

Rewterz Threat Alert – Emotet – Indicators of Compromise

Rewterz Threat Advisory – ICS: Tridium Niagara Information Disclosure Vulnerabilities

Severity

Analysis Summary

Impact

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan