Friday, August 13, 2021

Vulnerability Spotlight: Memory corruption vulnerability in Daemon Tools Pro

Piotr Bania of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. 

Cisco Talos recently discovered a memory corruption vulnerability in Disc Soft Ltd.'s Daemon Tools Pro. 

Daemon Tools Pro is a professional emulation software that works with disc images and virtual drives. It allows the user to mount ISO images on Windows systems.

TALOS-2021-1295 (CVE-2021-21832) can cause memory corruption in the application if the user opens an adversary-created ISO file that causes an integer overflow. This vulnerability exists in the way the application parses ISOs.

Cisco Talos worked with Disco Soft Ltd. to ensure that this issue is resolved and an update is available for affected customers, all in adherence to Cisco’s vulnerability disclosure policy

Users are encouraged to update from Disc Soft Ltd. Daemon Tools Pro, version 8.3.0.0767 as soon as possible. Talos tested and confirmed this version of Daemon Tools could be exploited by this vulnerability. 

The following SNORTⓇ rules will detect exploitation attempts against this vulnerability: 57546 and 57547. Additional rules may be released in the future and current rules are subject to change, pending additional vulnerability information. For the most current rule information, please refer to your Firepower Management Center or Snort.org. 

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.