The many vulnerabilities Talos discovered in SOHO and industrial wireless routers post-VPNFilter
Given the privileged position these devices occupy on the networks they serve, they are prime targets for attackers, so their security posture is of paramount importance.
Uncovering weaknesses in Apple macOS and VMWare vCenter: 12 vulnerabilities in RPC implementation
Uncovered issues fall into use-after-free, buffer-overflow, information leak and denial of service vulnerability classes. Some of these could be combined to achieve remote code execution or privilege escalation.
Taking over Milesight UR32L routers behind a VPN: 22 vulnerabilities and a full chain
In all, Cisco Talos is releasing 22 security advisories today, nine of which have a CVSS score greater than 8, associated with 69 CVEs.
Vulnerability Spotlight: Use-after-free condition in Google Chrome WebGL
TALOS-2023-1724 (CVE-2023-1531) occurs if the user opens a specially crafted web page in Chrome.
Two remote code execution vulnerabilities disclosed in Microsoft Excel
Microsoft disclosed these issues and patched them as part of June’s monthly security release for the company.
Memory corruption vulnerability in Mitsubishi PLC could lead to DoS, code execution
A vulnerability, TALOS-2023-1727 (CVE-2023-1424), exists in the device’s MELSOFT Direct functionality that is triggered if an adversary sends the targeted device a specially crafted network packet.
Vulnerability Spotlight: Authentication bypass, use-after-free vulnerabilities found in a library for the µC/OS open-source operating system
TALOS-2022-1680 (CVE-2022-41985) could allow an attacker to bypass the authentication protocol on the operating system, or cause a denial-of-service, by sending the targeted machine a specially crafted set of network packets.
Microsoft Patch Tuesday for May 2023 — Fewest vulnerabilities disclosed in a month in three-plus years
One of the vulnerabilities is being actively exploited in the wild, according to Microsoft, the fourth month in a row in which this is the case.
Vulnerability Spotlight: Vulnerabilities in IBM AIX could lead to command injection with elevated privileges
The issue could then allow the malicious actor to generate arbitrary logs which can trigger malicious commands to be run with elevated privileges.