Rewterz Threat Advisory – CVE-2021-22749 – ICS: Schneider Electric Modicon X80

June 9, 2021

Rewterz Threat Advisory – CVE-2021-33741 – Microsoft Edge privilege escalation

June 9, 2021

Rewterz Threat Advisory – CVE-2021-27610 – Critical Vulnerability in SAP ABAP Server

June 9, 2021

Severity

High

Analysis Summary

CVE-2021-27610

ABAP server could not correctly identify if communication via RFC or HTTP is between the application servers of the same SAP system or with servers outside the same system a malicious user could abuse stolen credentials for external RFC or HTTP calls, to establish a connection with the affected SAP system, in which a malicious external program would pretend to be an internal caller.

Impact

Information disclosure

Affected Vendors

SAP

Affected Products

SAP NetWeaver ABAP Server

Remediation

Refer to SAP advisory for the complete list of affected product and their respective patches

https://support.sap.com/en/my-support/software-downloads.html

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

GitHub Tools Deployed in CrazyHunter Ransomware Campaigns – Active IOCs

North Korean APT Kimsuky aka Black Banshee – Active IOCs

Sophisticated BPFDoor Malware Detected Targeting Linux Systems – Active IOCs

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Rewterz Threat Advisory – CVE-2021-22749 – ICS: Schneider Electric Modicon X80

Rewterz Threat Advisory – CVE-2021-33741 – Microsoft Edge privilege escalation

The Wait Is Over!

The Rewterz Annual Threat Intelligence Report 2024 is finally here.