Rewterz

APT10 Uses NOOPDOOR and LODEINFO Malware to Attack Japanese Companies – Active IOCs

August 1, 2024
Rewterz

Multiple Google Chrome Vulnerabilities

August 1, 2024

Multiple Dell Peripheral Manager Vulnerabilities

Severity

High

Analysis Summary

CVE-2024-37127 CVSS:7.8

Dell Peripheral Manager, versions prior to 1.7.6, contain an uncontrolled search path element vulnerability. An attacker could potentially exploit this vulnerability through preloading malicious DLL or symbolic link exploitation, leading to arbitrary code execution and escalation of privilege.

CVE-2024-37142 CVSS:7.3

Dell Peripheral Manager, versions prior to 1.7.6, contain an uncontrolled search path element vulnerability. An attacker could potentially exploit this vulnerability through preloading malicious DLL or symbolic link exploitation, leading to arbitrary code execution and escalation of privilege.

CVE-2024-32857 CVSS:7.3

Dell Peripheral Manager, versions prior to 1.7.6, contain an uncontrolled search path element vulnerability. An attacker could potentially exploit this vulnerability through preloading malicious DLL or symbolic link exploitation, leading to arbitrary code execution and escalation of privilege.

Impact

  • Gain Access

Indicators of Compromise

CVE

  • CVE-2024-37127
  • CVE-2024-37142
  • CVE-2024-32857

Affected Vendors

Dell

Affected Products

  • Dell Peripheral Manager

Remediation

Refer to Dell Security Advisory for patch, upgrade, or suggested workaround information.

Dell Security Advisory

Reading this advisory was a good start.

Make it a habit.

Rewterz publishes threat advisories ahead of mainstream cybersecurity media, informed by an AI-Native Autonomous SOC that sees regional threat actor activity in real time. Subscribe to receive each new advisory as it publishes, plus a monthly Middle East threat landscape brief drawn from our own SOC telemetry. For teams evaluating their detection coverage, a 30-minute consultation with a senior analyst is also available, at your pace, when you're ready.