Cisco Talos Blog

April 24, 2023 10:59

Vulnerability Spotlight: Vulnerabilities in IBM AIX could lead to command injection with elevated privileges

The issue could then allow the malicious actor to generate arbitrary logs which can trigger malicious commands to be run with elevated privileges.

April 13, 2023 10:39

Vulnerability Spotlight: Hard-coded password vulnerability could allow attacker to completely take over Lenovo Smart Clock

Talos also alerted Lenovo that the clock’s hardcoded root password is weak and easily guessed or cracked.

April 11, 2023 15:28

Microsoft Patch Tuesday for April 2023 — Snort rules and prominent vulnerabilities

April is the third month in a row in which at least one of the vulnerabilities Microsoft released in a Patch Tuesday had been exploited in the wild prior to disclosure.

April 5, 2023 11:23

Vulnerability Spotlight: Vulnerabilities in popular Japanese word processing software could lead to arbitrary code execution, other issues

Ichitaro uses the ATOK input method (IME) and the proprietary .jtd file extension. It’s the second most-popular word processing system in Japan, behind only Microsoft Word.

April 3, 2023 11:08

Vulnerability Spotlight: Buffer overflow vulnerability in ADMesh library

A specially crafted STL file can lead to a heap buffer overflow.

March 30, 2023 15:00

Vulnerability Spotlight: Vulnerability in ManageEngine OpManager could lead to XXE attack

XXE attacks allow an adversary to interact with other backend or external systems that OpManager accesses.

March 30, 2023 12:00

Vulnerability Spotlight: Specially crafted files could lead to denial of service, information disclosure in OpenImageIO parser

OpenImageIO is a library that converts, compares and processes various image files. Blender and AliceVision, two often-used computer imaging services, utilize the library, among other software offerings.

March 30, 2023 10:35

Vulnerability Spotlight: SNIProxy contains remote code execution vulnerability

An attacker could exploit this vulnerability by sending a specially crafted HTTP, TLS or DTLS packet to the target machine, potentially causing a denial of service or gaining the ability to execute remote code.

March 21, 2023 13:50

Vulnerability Spotlight: Netgear Orbi router vulnerable to arbitrary command execution

Cisco Talos recently discovered four vulnerabilities in the Netgear Orbi mesh wireless system, including the main hub router and satellite routers that extend the network’s range.