Rewterz Threat Alert – Shuckworm APT Group aka Armageddon Targeting Ukraine – Active IOCs

February 10, 2023

Rewterz Threat Alert – Ursnif Banking Trojan – Active IOCs

February 10, 2023

Rewterz Threat Advisory – ICS: Multiple Siemens Automation License Manager Vulnerabilities

February 10, 2023

Severity

Medium

Analysis Summary

CVE-2022-43513 CVSS:8.2

The affected components allow to rename license files with user chosen input without authentication. This could allow an unauthenticated remote attacker to rename and move files as SYSTEM user.

CVE-2022-43514 CVSS:7.7

The affected component does not correctly validate the root path on folder related operations, allowing to modify files and folders outside the intended root directory. This could allow an unauthenticated remote attacker to execute file operations of files outside of the specified root folder.

Impact

Code Execution
Privilege Escalation

Indicators Of Compromise

CVE

CVE-2022-43513
CVE-2022-43514

Affected Vendors

Siemens

Affected Products

Siemens Automation License Manager V5
Siemens Automation License Manager V6

Remediation

Refer to Siemens Security Advisory for the patch, upgrade, or suggested workaround information.

Siemens Security Advisory

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

GitHub Tools Deployed in CrazyHunter Ransomware Campaigns – Active IOCs

North Korean APT Kimsuky aka Black Banshee – Active IOCs

Sophisticated BPFDoor Malware Detected Targeting Linux Systems – Active IOCs

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Rewterz Threat Alert – Shuckworm APT Group aka Armageddon Targeting Ukraine – Active IOCs

Rewterz Threat Alert – Ursnif Banking Trojan – Active IOCs

The Wait Is Over!

The Rewterz Annual Threat Intelligence Report 2024 is finally here.