Rewterz Threat Advisory – Apache Thrift denial of service

Rewterz Threat Alert – MuddyWater Campaign Using ScreenConnect RAT

February 12, 2021

Rewterz Threat Advisory – Solarwinds Orion Platform privilege escalation

February 15, 2021

Rewterz Threat Advisory – Apache Thrift denial of service

Severity

High

Analysis Summary

CVE-2020-13949

Apache Thrift is vulnerable to a denial of service, caused by improper input validation. By sending specially-crafted messages, a remote attacker could exploit this vulnerability to cause a large memory allocation, and results in a denial of service condition.

Impact

Denial of service

Affected Vendors

Apache

Affected Products

Apache Thrift 0.13.0

Remediation

Upgrade to the latest version of Thrift (0.14.0 or later)

Rewterz Threat Alert – MuddyWater Campaign Using ScreenConnect RAT

Rewterz Threat Advisory – Solarwinds Orion Platform privilege escalation

Rewterz Threat Advisory – Apache Thrift denial of service

Severity

Analysis Summary

CVE-2020-13949

Impact

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan