Rewterz Threat Advisory – ICS: Siemens SINUMERIK Controllers

Rewterz Threat Advisory – Multiple Apache Vulnerabilities

October 14, 2021

Rewterz Threat Alert – SmokeLoader Malware – Active IOCs

October 14, 2021

Rewterz Threat Advisory – ICS: Siemens SINUMERIK Controllers

Severity

High

Analysis Summary

CVE-2021-37199

Siemens SINUMERIK Controllers is vulnerable to a denial of service, caused by a heap-based buffer overflow. By sending specially-crafted packets to port 102/tcp, a remote attacker could exploit this vulnerability to cause a denial of service condition on the device.

Impact

Denial of Service

Affected Vendors

Siemens

Affected Products

Siemens SINUMERIK 828D
Siemens SINUMERIK 808D

Remediation

Refer to CERT-Advisory for patch, upgrade or suggested workaround information.

https://cert-portal.siemens.com/productcert/pdf/ssa-178380.pdf

Rewterz Threat Advisory – Multiple Apache Vulnerabilities

Rewterz Threat Alert – SmokeLoader Malware – Active IOCs

Rewterz Threat Advisory – ICS: Siemens SINUMERIK Controllers

Severity

Analysis Summary

CVE-2021-37199

Impact

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan