Rewterz Threat Advisory – CVE-2020-8482 – ICS: ABB Device Library Wizard Information Disclosure Vulnerability

Rewterz Threat Advisory – ICS: Schneider Electric EcoStruxure Operator Terminal Expert

May 26, 2020

Rewterz Threat Alert – Fake Zoom Installers Hiding Zapiz Backdoor and Devil Shadow

May 28, 2020

Rewterz Threat Advisory – CVE-2020-8482 – ICS: ABB Device Library Wizard Information Disclosure Vulnerability

Severity

Medium

Analysis Summary

A vulnerability exists in Device Library Wizard in the affected product versions listed. It creates a file that contains confidential data that could be read by low privileged users. This could allow the attacker to take control of one or multiple system nodes.

Impact

Exposure of sensitive data

Affected Vendors

ABB

Affected Products

ABB Device Library Wizard versions 6.0.X
ABB Device Library Wizard versions 6.0.3.1
ABB Device Library Wizard versions 6.0.3.2

Remediation

ABB recommends that customers apply the update,

Device Library Wizard version 6.0.3.2 RU1
Device Library Wizard version 6.0.3.3
Device Library Wizard version 6.1.X onwards

Rewterz Threat Advisory – ICS: Schneider Electric EcoStruxure Operator Terminal Expert

Rewterz Threat Alert – Fake Zoom Installers Hiding Zapiz Backdoor and Devil Shadow

Rewterz Threat Advisory – CVE-2020-8482 – ICS: ABB Device Library Wizard Information Disclosure Vulnerability

Severity

Analysis Summary

Impact

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan