Rewterz

Rewterz Threat Alert – IOCs- LokiBot Malware

June 12, 2020
Rewterz

Rewterz Threat Advisory – ICS: Rockwell Automation FactoryTalk Linx Software

June 12, 2020

Rewterz Threat Advisory – CVE-2020-12021 – ICS: OSIsoft PI Web API 2019

Severity

Medium

Analysis Summary

The affected product is vulnerable to a cross-site scripting attack, which may allow an attacker to remotely execute arbitrary code. Successful exploitation of this vulnerability could allow a remote authenticated attacker with write access to a PI Server to trick a user into interacting with a PI Web API endpoint that executes arbitrary JavaScript in the user’s browser, resulting in view, modification, or deletion of data as allowed for by the victim’s user permissions.

Impact

Cross-site Scripting

Affected Vendors

OSIsoft

Affected Products

PI Web API 2019 Patch 1 (1.12.0.6346) and all previous versions

Remediation

OSIsoft recommends affected users upgrade to PI Web API 2019 SP1

Reading this advisory was a good start.

Make it a habit.

Rewterz publishes threat advisories ahead of mainstream cybersecurity media, informed by an AI-Native Autonomous SOC that sees regional threat actor activity in real time. Subscribe to receive each new advisory as it publishes, plus a monthly Middle East threat landscape brief drawn from our own SOC telemetry. For teams evaluating their detection coverage, a 30-minute consultation with a senior analyst is also available, at your pace, when you're ready.