Multiple Dell PowerScale InsightIQ Vulnerabilities

September 11, 2024

CVE-2024-38226 – Microsoft Publisher Zero-Day Vulnerability Exploit in the Wild

September 11, 2024

ICS: Siemens SINEMA Remote Connect Client Vulnerability

September 11, 2024

Severity

Medium

Analysis Summary

CVE-2024-42344

Siemens SINEMA Remote Connect Client could allow a local authenticated attacker to obtain sensitive information, caused by the insertion of sensitive information into a log file. By gaining access to the log files, an attacker could exploit this vulnerability to obtain other users' configuration data, and use this information to launch further attacks against the affected system.

Impact

Information Disclosure

Indicators of Compromise

CVE

CVE-2024-42344

Affected Vendors

Siemens

Affected Products

Siemens SINEMA Remote Connect Client - 3.2

Remediation

Refer to Siemens Security Advisory for patch, upgrade or suggested workaround information.

Siemens Security Advisory

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

Ivanti Product Flaws Allow DoS Attacks

Critical Security Advisory: Heightened Alert Urged for Potential Cyberattacks Targeting Pakistan on Independence Day

Charon Ransomware Uses DLL Sideloading and Anti-EDR Tactics – Active IOCs

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Multiple Dell PowerScale InsightIQ Vulnerabilities

CVE-2024-38226 – Microsoft Publisher Zero-Day Vulnerability Exploit in the Wild

Severity

Medium

Analysis Summary

Indicators of Compromise

CVE

Affected Vendors

Affected Products

Remediation