Rewterz Threat Advisory –CVE-2021-21601 – Dell EMC Data Protection Security Vulnerability

Rewterz Threat Alert –Sodinokibi Ransomware – Active IOCs

August 10, 2021

Rewterz Threat Alert –Raccoon Infostealer – Active IOCs

August 10, 2021

Rewterz Threat Advisory –CVE-2021-21601 – Dell EMC Data Protection Security Vulnerability

Severity

High

Analysis Summary

CVE-2021-21601

Dell EMC Data Protection Search contains an Information Exposure in Log File Vulnerability in CIS. A local low privileged attacker may potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with the privileges of the compromised account.

Impact

Credential Theft
Information Disclosure

Affected Vendors

Dell

Affected Products

Dell EMC Data Protection Search Versions before 19.5
Dell EMC Integrated Data Protection Appliance Versions before 2.7

Remediation

For the complete list of affected products and mitigation techniques refer to the vendor website at

https://www.dell.com/support/kbdoc/en-pk/000189555/dell-emc-data-protection-search-security-update-for-multiple-vulnerabilities

Rewterz Threat Alert –Sodinokibi Ransomware – Active IOCs

Rewterz Threat Alert –Raccoon Infostealer – Active IOCs

Rewterz Threat Advisory –CVE-2021-21601 – Dell EMC Data Protection Security Vulnerability

Severity

Analysis Summary

CVE-2021-21601

Impact

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan