Nanocore RAT Malware Analysis

June 2, 2020
Rewterz

Rewterz Threat Advisory – ICS: ABB Central Licensing System Multiple Vulnerabilities

June 3, 2020

Rewterz Threat Advisory – ICS: ABB System 800xA Multiple Vulnerabilities

Severity

Medium

Analysis Summary

CVE-2020-8472 

Weak access control lists for system folders could allow low privileged users to modify system and application files.

CVE-2020-8473

An attacker who successfully exploits the weak file permissions in one of the ABB System 800xA functions could corrupt applications by escalating privileges, executing arbitrary code, and affecting various engineering functions.

Impact

  • Privilege escalation
  • Cause system functions to stop
  • Corrupt user applications.

Affected Vendors

ABB

Affected Products

System 800xA

Remediation

Refer to ICS advisory for the complete list of affected products and upgraded patches.

https://www.us-cert.gov/ics/advisories/icsa-20-154-01

Reading this advisory was a good start.

Make it a habit.

Rewterz publishes threat advisories ahead of mainstream cybersecurity media, informed by an AI-Native Autonomous SOC that sees regional threat actor activity in real time. Subscribe to receive each new advisory as it publishes, plus a monthly Middle East threat landscape brief drawn from our own SOC telemetry. For teams evaluating their detection coverage, a 30-minute consultation with a senior analyst is also available, at your pace, when you're ready.