Rewterz

Rewterz Threat Alert – Snake Keylogger Malware – Active IOCs

October 5, 2023
Rewterz

Rewterz Threat Advisory – ICS: Hitachi JP1/Performance Management Vulnerability

October 5, 2023

Rewterz Threat Advisory – ICS: Hitachi Ops Center Multiple Vulnerabilities

Severity

Medium

Analysis Summary

CVE-2023-3335 CVSS:6.5

Hitachi Ops Center Administrator on Linux could allow a local authenticated attacker to obtain sensitive information, caused by the insertion of sensitive information into log file vulnerability. By accessing the log file, an attacker could exploit this vulnerability to obtain sensitive information.

CVE-2023-3967 CVSS:5.3

Hitachi Ops Center Common Services on Linux is vulnerable to a denial of service, caused by the allocation of resources without limits or throttling vulnerability. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service.

Impact

  • Information Theft
  • Denial of Service

Indicators Of Compromise

CVE

  • CVE-2023-3335
  • CVE-2023-3967

Affected Vendors

Hitachi

Affected Products

  • Hitachi Hitachi Ops Center Administrator on Linux
  • Hitachi Ops Center Common Services on Linux

Remediation

Refer to Hitachi-sec-2023-140 for patch, upgrade or suggested workaround information.

hitachi-sec-2023-140

Reading this advisory was a good start.

Make it a habit.

Rewterz publishes threat advisories ahead of mainstream cybersecurity media, informed by an AI-Native Autonomous SOC that sees regional threat actor activity in real time. Subscribe to receive each new advisory as it publishes, plus a monthly Middle East threat landscape brief drawn from our own SOC telemetry. For teams evaluating their detection coverage, a 30-minute consultation with a senior analyst is also available, at your pace, when you're ready.