Rewterz Threat Advisory - Apache Thrift denial of service

Rewterz Threat Alert – MuddyWater Campaign Using ScreenConnect RAT

February 12, 2021

Rewterz Threat Advisory – Solarwinds Orion Platform privilege escalation

February 15, 2021

Rewterz Threat Advisory – Apache Thrift denial of service

Severity

High

Analysis Summary

CVE-2020-13949

Apache Thrift is vulnerable to a denial of service, caused by improper input validation. By sending specially-crafted messages, a remote attacker could exploit this vulnerability to cause a large memory allocation, and results in a denial of service condition.

Impact

Denial of service

Affected Vendors

Apache

Affected Products

Apache Thrift 0.13.0

Remediation

Upgrade to the latest version of Thrift (0.14.0 or later)

Rewterz Annual Threat Intelligence Report 2025 - Download Now

Rewterz Threat Advisory – Apache Thrift denial of service

Severity

Analysis Summary

CVE-2020-13949

Impact

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan