Rewterz

Rewterz Threat Advisory – CVE 2019- 11733 – Mozilla Fixes Store Passwords in ‘Saved Logins’ can be copied without master password entry

August 16, 2019
Rewterz

Rewterz Threat Alert – FBR Phishing Campaign Continues to Target Users

August 19, 2019

Rewterz Threat Advisory – CVE 2019-0351 – SAP NetWeaver UDDI Server Remote Code Execution Vulnerability

Severity

High

Analysis Summary

A remote code execution vulnerability exists in the SAP NetWeaver UDDI Server (Services Registry). Because of this, an attacker can exploit Services Registry potentially enabling them to take complete control of the product, including viewing, changing, or deleting data by injecting code into the working memory which is subsequently executed by the application. It can also be used to cause a general fault in the product, causing the product to terminate.

Impact

Remote code execution

Affected Vendors

SAP

Affected Products

SAP NetWeaver UDDI Server Versions – 7.10
7.11
7.20
7.30
7.31
7.40
7.50

Remediation

Please see SAP security patch day for more details:

https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523998017

Reading this advisory was a good start.

Make it a habit.

Rewterz publishes threat advisories ahead of mainstream cybersecurity media, informed by an AI-Native Autonomous SOC that sees regional threat actor activity in real time. Subscribe to receive each new advisory as it publishes, plus a monthly Middle East threat landscape brief drawn from our own SOC telemetry. For teams evaluating their detection coverage, a 30-minute consultation with a senior analyst is also available, at your pace, when you're ready.