Rewterz

August 22, 2021
Rewterz Threat Advisory – ICS – Siemens SINEMA Vulnerability

Severity

High

Analysis Summary

CVE-2021-31338

Siemens SINEMA Remote Connect Client could allow a locally authenticated attacker to gain elevated privileges on the system, because configuration settings can be modified over an unauthenticated channel. An attacker could exploit this vulnerability to escalate privileges and execute arbitrary code on the device.

Impact

  • Unauthorized Access

Affected Vendors

Siemens

Affected Products

  • Siemens SINEMA Remote Connect Client 3.0

Remediation

Refer to the Siemens Security Advisory for patch, upgrade, or suggested workaround information:

https://cert-portal.siemens.com/productcert/pdf/ssa-816035.pdf
