
Rewterz Threat Advisory – CVE-2021-26094 – FortiWLC – Multiple Buffer Overflow Vulnerabilities

Severity

Medium

Analysis Summary

CVE-2021-26094

Multiple stack-based buffer overflow vulnerabilities in the command line interface of FortiWLC may allow a local, authenticated attacker to crash the access point being managed by the controller and potentially execute unauthorized code via a specially crafted CLI command.

Impact

  • Remote code execution
  • Denial of Service

Affected Vendors

Fortinet

Affected Products

  • FortiWLC version 8.6.0 and below
  • FortiWLC version 8.5.3 and below

Remediation

Upgrade FortiWLC to version 8.6.1 or above, or to version 8.5.4 or above.

https://docs.fortinet.com/document/wireless-controller/8.5.4/fortiwlc-release-notes/682570/about-fortiwlc-8-5-4