Cisco Talos Intelligence Blog

March 21, 2023 09:03

Vulnerability Spotlight: WellinTech ICS platform vulnerable to information disclosure, buffer overflow vulnerabilities

If an adversary could capture an authentication packet, it contains all the necessary information to steal the target user’s username and password for the software.

August 1, 2022 12:08

Vulnerability Spotlight: How misusing properly serialized data opened TCL LinkHub Mesh Wi-Fi system to 17 vulnerabilities

The TCL LinkHub Mesh Wi-Fi system is a multi-device Wi-Fi system that allows users to expand access to their network over a large physical area. What makes the LInkHub system unique is the lack of a network interface to manage the devices individually or in the mesh. Instead, a p

April 25, 2019 14:04

Vulnerability Spotlight: Multiple vulnerabilities in Sierra Wireless AirLink ES450

Several exploitable vulnerabilities exist in the Sierra Wireless AirLink ES450, an LTE gateway designed for distributed enterprise, such as retail point-of-sale or industrial control systems. These flaws present a number of attack vectors for a malicious actor, and could allow th

January 15, 2019 15:01

Vulnerability Deep Dive: TP-Link TL-R600VPN remote code execution vulnerabilities

Introduction TP-Link recently patched three vulnerabilities in their TL-R600VPN gigabit broadband VPN router, firmware version 1.3.0. Cisco Talos publicly disclosed these issues after working with TP-Link to ensure that a patch was available. Now that a fix is out there, we wan