Rewterz

Rewterz Threat Alert – Lokibot Malware – Active IOCs

July 9, 2021
Rewterz

Rewterz Threat Alert – SNAKE Ransomware – Active IOCs

July 9, 2021

Rewterz Threat Advisory –CVE-2021-26701 – Microsoft .NET Core and Visual Studio Vulnerability

Severity

High

Analysis Summary

CVE-2021-26701

Microsoft .NET Core and Visual Studio could allow a remote attacker to execute arbitrary code on the system. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system with elevated privileges. Exploit in the Wild.

Impact

  • Unauthorized Access
  • Code execution

Affected Vendors

Microsoft

Affected Products

  • Microsoft .NET Core 2.1
  • Microsoft .NET Core 3.1
  • Microsoft .NET Core 5.0

Remediation

Use Microsoft Automatic Update to apply the appropriate patch for your system, or the Microsoft Security Update Guide to search for available patches. See references https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2021-26701

Reading this advisory was a good start.

Make it a habit.

Rewterz publishes threat advisories ahead of mainstream cybersecurity media, informed by an AI-Native Autonomous SOC that sees regional threat actor activity in real time. Subscribe to receive each new advisory as it publishes, plus a monthly Middle East threat landscape brief drawn from our own SOC telemetry. For teams evaluating their detection coverage, a 30-minute consultation with a senior analyst is also available, at your pace, when you're ready.