Rewterz

Rewterz Threat Advisory – Windows 10: Privilege Escalation Vulnerabilities Found in Over 40 Drivers

August 13, 2019
Rewterz

Rewterz Threat Alert – Cerberus – A new Banking Trojan being sold as Android Malware

August 13, 2019

Rewterz Threat Advisory – CVE-2019-9569 – Delta ICS Flaw Allows Total Industrial Takeover

Severity

High

Analysis Summary

A new bug has been reported in a Delta ICS controller that oversees HVAC, lighting, sensor and alarm systems, etc. The vulnerability could allow malicious actors on the same network complete control of the operating system. The bug is caused by a buffer-overflow vulnerability, i.e. a mismatch in the memory sizes used to handle incoming network data.
The researchers used broadcast traffic (launching attack without knowing target’s location on the network) and were able to control any hardware connected to the vulnerable manager by remotely issuing commands to it.

Affected Vendors

Delta

Affected Products

Delta enteliBUS Manager

Remediation

Delta Controls has issued a patch, which should be applied quickly.

Reading this advisory was a good start.

Make it a habit.

Rewterz publishes threat advisories ahead of mainstream cybersecurity media, informed by an AI-Native Autonomous SOC that sees regional threat actor activity in real time. Subscribe to receive each new advisory as it publishes, plus a monthly Middle East threat landscape brief drawn from our own SOC telemetry. For teams evaluating their detection coverage, a 30-minute consultation with a senior analyst is also available, at your pace, when you're ready.