Rewterz Threat Advisory – ICS: Mitsubishi Electric FA Engineering Software and GX Works2

December 20, 2021

Rewterz Threat Advisory – Multiple Apache Vulnerabilities

December 21, 2021

Rewterz Threat Advisory – CVE-2021-42278 – Microsoft Windows privilege escalation

December 21, 2021

Severity

High

Analysis Summary

CVE-2021-42278

Microsoft could allow a remote authenticated attacker to gain elevated privileges on the system, caused by a flaw in the Active Directory Domain Services. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.

Impact

Privilege Escalation

Affected Vendors

Microsoft

Affected Products

Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2016
Microsoft Windows Server 2019

Remediation

Use Microsoft Automatic Update to apply the appropriate patch for your system.

Refer to Microsoft advisory for the complete list of affected products and their respective patches.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-42278

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

GitHub Tools Deployed in CrazyHunter Ransomware Campaigns – Active IOCs

North Korean APT Kimsuky aka Black Banshee – Active IOCs

Sophisticated BPFDoor Malware Detected Targeting Linux Systems – Active IOCs

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Rewterz Threat Advisory – ICS: Mitsubishi Electric FA Engineering Software and GX Works2

Rewterz Threat Advisory – Multiple Apache Vulnerabilities

The Wait Is Over!

The Rewterz Annual Threat Intelligence Report 2024 is finally here.