Rewterz Threat Advisory – ICS: Schneider Electric Enerlin’X Com’X 510

June 18, 2021

Rewterz Threat Advisory – ICS: Siemens JT2Go Vulnerability

June 18, 2021

Rewterz Threat Advisory – ICS: Advantech WebAccess/SCADA

June 18, 2021

Severity

High

Analysis Summary

CVE-2021-32956

The affected product is vulnerable to redirection, which may allow an attacker to send a maliciously crafted URL that could result in redirecting a user to a malicious webpage. Successful exploitation of this vulnerability could allow an attacker to read files outside the intended directory or redirect a user to a malicious webpage.

CVE-2021-32954

The affected product is vulnerable to a directory traversal, which may allow an attacker to remotely read arbitrary files on the file system. Successful exploitation of this vulnerability could allow an attacker to read files outside the intended directory or redirect a user to a malicious webpage.

Impact

Relative Path Traversal
Open Redirect

Affected Vendors

Advantech

Affected Products

WebAccess/SCADA Versions 9.0.1 and prior

Remediation

Refer to vendor advisory for the complete list of affected products and their respective patches at
https://us-cert.cisa.gov/ics/advisories/icsa-21-168-03

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

Cyberattack Targets Exposed MS-SQL Servers

Multiple Apache Products Vulnerabilities

Microsoft’s Symlink Update Introduces New DoS Vulnerability

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Rewterz Threat Advisory – ICS: Schneider Electric Enerlin’X Com’X 510

Rewterz Threat Advisory – ICS: Siemens JT2Go Vulnerability

The Wait Is Over!

The Rewterz Annual Threat Intelligence Report 2024 is finally here.