Cisco Talos Blog

April 14, 2020 14:08

Vulnerability Spotlight: Information disclosure vulnerability in Microsoft Media Foundation

Marcin “Icewall” Noga of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Microsoft Media Foundation contains an information disclosure vulnerability that could allow an attacker to eventually remotely execute code on the victim machine. Media Foundation is a COM-

March 24, 2020 10:30

Vulnerability Spotlight: Intel Raid Web Console 3 denial-of-service bugs

Geoff Serrao of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered two denial-of-service vulnerabilities in the web API functionality of Intel RAID Web Console 3. The Raid Web Console is a web-based application that provides severa

March 23, 2020 11:21

Vulnerability Spotlight: Multiple vulnerabilities in Videolabs libmicrodns

Claudio Bozzato of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. A specific library in the Videolabs family of software contains multiple vulnerabilities that could lead to denial of service and code execution. Videolabs is a company founded by VideoLAN memb

March 23, 2020 11:00

Vulnerability Spotlight: Denial-of-service vulnerability in GStreamer

Peter Wang of Cisco ASIG discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered a denial-of-service vulnerability in GStreamer, a pipeline-based multimedia framework. GStreamer contains gst-rtsp-server, an open-source library that allows the user to

March 10, 2020 13:23

Vulnerability Spotlight: Information disclosure in Windows 10 Kernel

Marcin Towalski of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered an information disclosure vulnerability in the Windows 10 kernel. An attacker could exploit this vulnerability by tricking the victim into opening a specially craft

March 9, 2020 10:47

Vulnerability Spotlight: WAGO products contain remote code execution, other vulnerabilities

Patrick DeSantis, Carl Hurd, Kelly Leuschner and Lilith [-_-]; of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered several vulnerabilities in multiple products from the company WAGO. WAGO produces a line of automation software cal

February 18, 2020 12:07

Vulnerability Spotlight: Memory corruption, DoS vulnerabilities in CoTURN

Aleksandar Nikolic of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. CoTURN contains denial-of-service and memory corruption vulnerabilities in the way its web server parses POST requests. CoTURN is a TURN server implementation that can be used as a general- pur

February 12, 2020 08:44

Vulnerability Spotlight: Remote code execution vulnerability in Apple Safari

Marcin Towalski of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. The Apple Safari web browser contains a remote code execution vulnerability in its Fonts feature. If a user were to open a malicious web page in Safari, they could trigger a type confusion, result

February 11, 2020 14:31

Vulnerability Spotlight: Code execution vulnerability in Microsoft Excel

Marcin Noga of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Microsoft Excel contains a code execution vulnerability. This specific bug lies in the component of Excel that handles the Microsoft Office HTML and XML file types, first introduced in Office 2000. M