Rewterz Threat Advisory – ICS: mySCADA myDESIGNER

Rewterz Threat Advisory – ICS: VISAM VBASE Editor Vulnerabilities

November 10, 2021

Rewterz Threat Alert – IcedID banking Trojan – Active IOCs

November 10, 2021

Rewterz Threat Advisory – ICS: mySCADA myDESIGNER

Severity

High

Analysis Summary

CVE-2021-3091

The affected product fails to properly validate the contents of an imported project file, which may make the product vulnerable to a path traversal payload. This vulnerability may allow an attacker to plant files on the file system in arbitrary locations or overwrite existing files, resulting in remote code execution.

Impact

Remote Code Execution

Affected Vendors

mySCADA

Affected Products

myDESIGNER: Versions 8.20.0 and prior

Remediation

Refer to CISA Advisory for the patch, upgrade, or suggested workaround information.

https://us-cert.cisa.gov/ics/advisories/icsa-21-313-04

Rewterz Threat Advisory – ICS: VISAM VBASE Editor Vulnerabilities

Rewterz Threat Alert – IcedID banking Trojan – Active IOCs

Rewterz Threat Advisory – ICS: mySCADA myDESIGNER

Severity

Analysis Summary

CVE-2021-3091

Impact

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan