April 14, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Advisory – Multiple Node.js Vulnerabilities
July 2, 2021Rewterz Threat Advisory –ICS: Delta Electronics DOPSoft
July 2, 2021Rewterz Threat Advisory – Multiple Node.js Vulnerabilities
July 2, 2021Rewterz Threat Advisory –ICS: Delta Electronics DOPSoft
July 2, 2021
Severity
High
Analysis Summary
CVE-2021-27661
Sending specifically crafted web messages to the Facility Explorer SNC Series Supervisory Controller (F4-SNC) could give an authenticated F4-SNC user unintended access to the controller’s file system, which may allow an attacker to access or modify system files.
Impact
- Privilege Escalation
- Improper Privilege Management
Affected Vendors
Johnson Controls
Affected Products
- Facility Explorer SNC Series Supervisory Controller: Version 11
Remediation
For Further information regarding patches refer to https://us-cert.cisa.gov/ics/advisories/icsa-21-182-01
