Rewterz Threat Advisory – CVE-2021-27394 – ICS: Siemens Mendix

Severity

Medium

Analysis Summary

CVE-2021-27394

Under certain circumstances, authenticated, non-administrative users could modify their own privileges by manipulating the user role. Successful exploitation of this vulnerability could allow a non-administrative user to gain administrative privileges.

Impact

  • Privilege access
  • Improper Privilege Management

Affected Vendors

Siemens

Affected Products

  • Mendix Applications using Mendix 7: all versions prior to v7.23.19
  • Mendix Applications using Mendix 8: all versions prior to v8.17.0
  • Mendix Applications using Mendix 8 (v8.12): all versions prior to v8.12.5
  • Mendix Applications using Mendix 8 (v8.6): all versions prior to v8.6.9
  • Mendix Applications using Mendix 9: all versions prior to v9.0.5
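
As an added example (not part of the Rewterz or Siemens advisory), the following Python checks an inventory of Mendix versions against the list above. It assumes that the v8.6 and v8.12 entries take precedence over the general Mendix 8 entry for those branches and that a version may carry an optional fourth build-number component; the app names and versions in the sample are constructed.

```python
import re

# Fixed versions taken from the "Affected Products" list above.
# Assumption: a branch-specific entry (8.6, 8.12) takes precedence over the
# general entry for its major version.
BRANCH_FIXES = {(8, 6): (8, 6, 9), (8, 12): (8, 12, 5)}
MAJOR_FIXES = {7: (7, 23, 19), 8: (8, 17, 0), 9: (9, 0, 5)}


def parse_version(text):
    """Parse 'v8.12.3', '8.12.3' or '8.12.3.12345' into (major, minor, patch)."""
    m = re.fullmatch(r"v?(\d+)\.(\d+)\.(\d+)(?:\.\d+)?", text.strip())
    if not m:
        raise ValueError(f"unrecognised Mendix version: {text!r}")
    return tuple(int(p) for p in m.groups())


def classify(version_text):
    """Return (status, fixed_version) for one Mendix version string.

    status is 'affected', 'fixed' or 'not-listed' (major version absent
    from the advisory's list, so the list says nothing about it).
    """
    version = parse_version(version_text)
    fixed = BRANCH_FIXES.get(version[:2]) or MAJOR_FIXES.get(version[0])
    if fixed is None:
        return "not-listed", None
    status = "affected" if version < fixed else "fixed"
    return status, "v" + ".".join(map(str, fixed))


def triage(inventory):
    """Map app name -> (version, status, fixed_version) for an inventory dict."""
    return {app: (ver, *classify(ver)) for app, ver in inventory.items()}


if __name__ == "__main__":
    # Constructed sample inventory; app names and versions are illustrative.
    sample = {
        "hr-portal": "7.23.18",
        "plant-dashboard": "8.12.5",
        "order-intake": "8.13.2",
        "legacy-forms": "8.6.4",
        "field-service": "9.0.5",
        "archive": "6.10.12",
    }
    for app, (ver, status, fixed) in sorted(triage(sample).items()):
        print(f"{app:16} {ver:10} {status:10} fix: {fixed or '-'}")
```

A "not-listed" result means only that the major version does not appear in the list above; the ICS advisory linked under Remediation remains the reference for the complete product list.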

Remediation

Refer to ICS advisory for the complete list of affected products and their respective patches.

https://us-cert.cisa.gov/ics/advisories/icsa-21-110-07