Rewterz Threat Advisory – ICS: Siemens Desigo products Vulnerability

Rewterz Threat Alert – APT36 Crimson RAT – Active IOCs

May 11, 2022

Rewterz Threat Alert – Orcus RAT – Active IOCs

May 11, 2022

Rewterz Threat Advisory – ICS: Siemens Desigo products Vulnerability

Severity

High

Analysis Summary

CVE-2021-41545

Siemens Desigo products are vulnerable to a denial of service, caused by an uncaught exception in the BACnet communication function implementation. By sending a specially-crafted BACnet protocol packet, a remote attacker could exploit this vulnerability to cause a denial of service.

Impact

Denial of Service

Indicators Of Compromise

CVE

CVE-2021-41545

Affected Vendors

Siemens

Affected Products

Siemens Desigo DXR2
Siemens Desigo PXC3
Siemens Desigo PXC4
Siemens Desigo PXC5

Remediation

Refer to Siemens Security Advisory for patch, upgrade or suggested workaround information

Siemens Security Advisory

Rewterz Threat Alert – APT36 Crimson RAT – Active IOCs

Rewterz Threat Alert – Orcus RAT – Active IOCs

Rewterz Threat Advisory – ICS: Siemens Desigo products Vulnerability

Severity

Analysis Summary

CVE-2021-41545

Impact

Indicators Of Compromise

CVE

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan