Cisco Talos Blog

July 14, 2020 14:10

Vulnerability Spotlight: Multiple vulnerabilities in RemoteFX affects, AMD, Intel chips

Piotr Bania of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered multiple vulnerabilities in Intel’s Graphics Accelerator Driver and in an AMD Radeon driver. The Intel driver was released in 2019 and is used in multiple Intel inte

July 10, 2020 11:30

Vulnerability Spotlight: SQL injection vulnerability in Glacies IceHRM

Yuri Kramarz of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos researchers recently discovered that the Glacies' IceHRM software contains a vulnerability that could allow an adversary to inject SQL. IceHRM is a human resource management tool, all

July 2, 2020 12:13

Vulnerability Spotlight: Google Chrome PDFium memory corruption vulnerability

Aleksandar Nikolic of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. The PDF renderer inside Google Chrome, known as PDFium, contains a memory corruption vulnerability that could be exploited by an adversary. PDFium is open-source software that is utilized in th

July 1, 2020 15:51

Vulnerability Spotlight: Information disclosure vulnerability in Mozilla Firefox

Cisco Talos recently discovered an information disclosure vulnerability in Mozilla Firefox. An attacker can exploit this bug by tricking a user into visiting a specially crafted web page through the browser. If successful, the adversary could use leaked memory to bypass ASLR an

July 1, 2020 14:00

Vulnerability Spotlight: Remote code execution vulnerabilities in LEADTOOLS 20

Cisco Talos recently discovered a remote code execution vulnerability in the LEADTOOLS line of imaging toolkits. LEADTOOLS is a collection of toolkits designed to perform a variety of functions aimed at integrating documents, multimedia and imaging technologies into applications.

June 10, 2020 16:21

Vulnerability Spotlight: Two code execution vulnerabilities in Microsoft Excel

Marcin “Icewall” Noga of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos researchers recently discovered two code execution vulnerabilities in Microsoft Excel. Microsoft released updates for these two bugs as part of their Patch Tuesday security up

June 10, 2020 10:00

Vulnerability Spotlight: Remote code execution vulnerability in Firefox’s SharedWorkerService function

Marcin “Icewall” Noga of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. The Mozilla Firefox web browser contains a vulnerability in its SharedWorkerService function that could allow an attacker to gain the ability to remotely execute code on a target’s machine.

June 9, 2020 11:28

Vulnerability Spotlight: Multiple vulnerabilities in Siemens LOGO! PLC

Alexander Perez-Palma of Cisco Talos and Emanuel Almeida of Cisco Systems discovered these vulnerabilities. Blog by Jon Munshaw. Update (July 15, 2020): Siemens patched another vulnerability that affects the LOGO! PLC's web server. CVE-2020-7593 could allow an adversary to e

June 3, 2020 10:23

Vulnerability Spotlight: Two vulnerabilities in Zoom could lead to code execution

A member of Cisco Talos discovered this vulnerability. Cisco Talos recently discovered two vulnerabilities in the popular Zoom video chatting application that could allow a malicious user to execute arbitrary code on victims’ machines. Video conferencing software has skyrockete