Rewterz

Rewterz Threat Advisory –IBM Guardium Data Encryption Vulnerability

July 30, 2021
Rewterz

Rewterz Threat Alert – Donot APT Group – IOCs

July 30, 2021

Rewterz Threat Advisory – ICS: Mitsubishi Electric FA Engineering Software Products

Severity

High

Analysis Summary

CVE-2021-20587 

A malicious attacker may cause a denial-of-service condition by spoofing MELSEC, GOT, or FREQROL, and returning crafted reply packets.

CVE-2021-20588 

A malicious attacker may cause a denial-of-service condition by spoofing MELSEC, GOT, or FREQROL, and returning crafted reply packets.

Impact

  • Denial of Service

Affected Vendors

Mitsubishi Electric

Affected Products

  • CPU Module Logging Configuration Tool Version 1.118X or later
  • CW Configurator Version 1.012N or later

Remediation

Refer to Mitsubishi Electric websites for the latest patches and updates.

https://www.mitsubishielectric.com/fa/#software

Reading this advisory was a good start.

Make it a habit.

Rewterz publishes threat advisories ahead of mainstream cybersecurity media, informed by an AI-Native Autonomous SOC that sees regional threat actor activity in real time. Subscribe to receive each new advisory as it publishes, plus a monthly Middle East threat landscape brief drawn from our own SOC telemetry. For teams evaluating their detection coverage, a 30-minute consultation with a senior analyst is also available, at your pace, when you're ready.