Cisco Talos Intelligence Blog

May 26, 2023 15:05

Memory corruption vulnerability in Mitsubishi PLC could lead to DoS, code execution

A vulnerability, TALOS-2023-1727 (CVE-2023-1424), exists in the device’s MELSOFT Direct functionality that is triggered if an adversary sends the targeted device a specially crafted network packet.

May 10, 2023 11:05

Vulnerability Spotlight: Authentication bypass, use-after-free vulnerabilities found in a library for the µC/OS open-source operating system

TALOS-2022-1680 (CVE-2022-41985) could allow an attacker to bypass the authentication protocol on the operating system, or cause a denial-of-service, by sending the targeted machine a specially crafted set of network packets.

May 9, 2023 13:05

Microsoft Patch Tuesday for May 2023 — Fewest vulnerabilities disclosed in a month in three-plus years

One of the vulnerabilities is being actively exploited in the wild, according to Microsoft, the fourth month in a row in which this is the case.

April 24, 2023 10:04

Vulnerability Spotlight: Vulnerabilities in IBM AIX could lead to command injection with elevated privileges

The issue could then allow the malicious actor to generate arbitrary logs which can trigger malicious commands to be run with elevated privileges.

April 13, 2023 10:04

Vulnerability Spotlight: Hard-coded password vulnerability could allow attacker to completely take over Lenovo Smart Clock

Talos also alerted Lenovo that the clock’s hardcoded root password is weak and easily guessed or cracked.

April 11, 2023 15:04

Microsoft Patch Tuesday for April 2023 — Snort rules and prominent vulnerabilities

April is the third month in a row in which at least one of the vulnerabilities Microsoft released in a Patch Tuesday had been exploited in the wild prior to disclosure.

April 5, 2023 11:04

Vulnerability Spotlight: Vulnerabilities in popular Japanese word processing software could lead to arbitrary code execution, other issues

Ichitaro uses the ATOK input method (IME) and uses the proprietary .jtd file extension. It’s the second most-popular word processing system in Japan behind only Microsoft word.

April 3, 2023 11:04

Vulnerability Spotlight: Buffer overflow vulnerability in ADMesh library

A specially crafted STL file can lead to a heap buffer overflow.

March 30, 2023 15:03

Vulnerability Spotlight: Vulnerability in ManageEngine OpManager could lead to XXE attack

XXE attacks allow an adversary to interact with other backend or external systems that OpManager accesses.