Coverage of the most important security issues Talos’ world-class vulnerability research team discovers and helps fix before the bad guys find it first.
ReVault! When your SoC turns against you…
Talos reported 5 vulnerabilities to Broadcom and Dell affecting both the ControlVault3 Firmware and its associated Windows APIs that we are calling “ReVault”.
Duping Cloud Functions: An emerging serverless attack vector
Cisco Talos built on Tenable’s discovery of a Google Cloud Platform vulnerability to uncover how attackers could exploit similar techniques across AWS and Azure.
Badgerboard: A PLC backplane network visibility module
Analysis of the traffic between networked devices has always been of interest since devices could even communicate with one another. As the complexity of networks grew, the more useful dedicated traffic analysis tools became. Major advancements have been made over the years wit
The many vulnerabilities Talos discovered in SOHO and industrial wireless routers post-VPNFilter
Given the privileged position these devices occupy on the networks they serve, they are prime targets for attackers, so their security posture is of paramount importance.
Uncovering weaknesses in Apple macOS and VMWare vCenter: 12 vulnerabilities in RPC implementation
Uncovered issues fall into use-after-free, buffer-overflow, information leak and denial of service vulnerability classes. Some of these could be combined to achieve remote code execution or privilege escalation.
Taking over Milesight UR32L routers behind a VPN: 22 vulnerabilities and a full chain
In all, Cisco Talos is releasing 22 security advisories today, nine of which have a CVSS score greater than 8, associated with 69 CVEs.
Vulnerability Spotlight: Use-after-free condition in Google Chrome WebGL
TALOS-2023-1724 (CVE-2023-1531) occurs if the user opens a specially crafted web page in Chrome.
Two remote code execution vulnerabilities disclosed in Microsoft Excel
Microsoft disclosed these issues and patched them as part of June’s monthly security release for the company.
Memory corruption vulnerability in Mitsubishi PLC could lead to DoS, code execution
A vulnerability, TALOS-2023-1727 (CVE-2023-1424), exists in the device’s MELSOFT Direct functionality that is triggered if an adversary sends the targeted device a specially crafted network packet.
Vulnerability Spotlight: Authentication bypass, use-after-free vulnerabilities found in a library for the µC/OS open-source operating system
TALOS-2022-1680 (CVE-2022-41985) could allow an attacker to bypass the authentication protocol on the operating system, or cause a denial-of-service, by sending the targeted machine a specially crafted set of network packets.
Microsoft Patch Tuesday for May 2023 — Fewest vulnerabilities disclosed in a month in three-plus years
One of the vulnerabilities is being actively exploited in the wild, according to Microsoft, the fourth month in a row in which this is the case.
Vulnerability Spotlight: Vulnerabilities in IBM AIX could lead to command injection with elevated privileges
The issue could then allow the malicious actor to generate arbitrary logs which can trigger malicious commands to be run with elevated privileges.
Vulnerability Spotlight: Hard-coded password vulnerability could allow attacker to completely take over Lenovo Smart Clock
Talos also alerted Lenovo that the clock’s hardcoded root password is weak and easily guessed or cracked.
Microsoft Patch Tuesday for April 2023 — Snort rules and prominent vulnerabilities
April is the third month in a row in which at least one of the vulnerabilities Microsoft released in a Patch Tuesday had been exploited in the wild prior to disclosure.
Vulnerability Spotlight: Vulnerabilities in popular Japanese word processing software could lead to arbitrary code execution, other issues
Ichitaro uses the ATOK input method (IME) and uses the proprietary .jtd file extension. It’s the second most-popular word processing system in Japan behind only Microsoft word.
Vulnerability Spotlight: Buffer overflow vulnerability in ADMesh library
A specially crafted STL file can lead to a heap buffer overflow.
Vulnerability Spotlight: Vulnerability in ManageEngine OpManager could lead to XXE attack
XXE attacks allow an adversary to interact with other backend or external systems that OpManager accesses.
Vulnerability Spotlight: Specially crafted files could lead to denial of service, information disclosure in OpenImageIO parser
OpenImageIO is a library that converts, compares and processes various image files. Blender and AliceVision, two often used computer imaging services, utilize the library, among other software offerings.
Vulnerability Spotlight: SNIProxy contains remote code execution vulnerability
An attacker could exploit this vulnerability by sending a specially crafted HTTP, TLS or DTLS packet to the target machine, potentially causing a denial of service or gaining the ability to execute remote code.
Vulnerability Spotlight: Netgear Orbi router vulnerable to arbitrary command execution
Cisco Talos recently discovered four vulnerabilities in the Netgear Orbi mesh wireless system, including the main hub router and satellite routers that extend the network’s range.
Vulnerability Spotlight: WellinTech ICS platform vulnerable to information disclosure, buffer overflow vulnerabilities
If an adversary could capture an authentication packet, it contains all the necessary information to steal the target user’s username and password for the software.
Vulnerability Spotlight: Node-SQLite3 issue could lead to denial of service in Ghost CMS
Due to JSON format limitations, the vulnerability only manifests itself as a remote denial of service in Ghost CMS, which crashes the Node.js process. However, the vulnerability could potentially lead to remote code execution in other products that use it.
Vulnerability Spotlight: EIP Stack Group OpENer open to two remote code execution vulnerabilities
Two of the vulnerabilities are considered to be considered of critical importance, with a CVSS score of a maximum 10 out of 10.
Vulnerability Spotlight: OS command injection, directory traversal and other vulnerabilities found in Siretta Quartz-Gold and FreshTomato
Cisco Talos recently discovered several vulnerabilities in the Siretta Quartz-Gold router. Talos also discovered vulnerabilities in FreshTomato while investigating the Siretta router. The Siretta Quartz-Gold is an industrial cellular router with several features and services, su
Vulnerability Spotlight: XSS vulnerability in Ghost CMS
Dave McDaniel of Cisco Talos discovered this vulnerability. Cisco Talos recently discovered a cross-site scripting (XSS) vulnerability in Ghost CMS. Ghost is a content management system with tools to build a website, publish content and send newsletters. Ghost offers paid subsc
Vulnerability Spotlight: Integer and buffer overflow vulnerabilities found in QT QML
Emma Reuter and Theo Morales of ASIG and Aleksandar Nikolic of Cisco Talos discovered these vulnerabilities. Cisco ASIG and Cisco Talos recently discovered code execution vulnerabilities in QT QML. Qt is a popular software suite primarily used to create graphical user interface
Vulnerability Spotlight: Asus router access, information disclosure, denial of service vulnerabilities discovered
Cisco Talos recently discovered three vulnerabilities in Asus router software. The Asus RT-AX82U router is one of the newer Wi-Fi 6 (802.11ax)-enabled routers that also supports mesh networking with other Asus routers. Like other routers, it is configurable via an HTTP server ru
Vulnerability Spotlight: OpenImageIO file processing issues could lead to arbitrary code execution, sensitive information leak and denial of service
Cisco Talos recently discovered nineteen vulnerabilities in OpenImageIO, an image processing library, which could lead to sensitive information disclosure, denial of service and heap buffer overflows which could further lead to code execution. OpenImageIO is an image processing
Vulnerability Spotlight: Authentication bypass and enumeration vulnerabilities in Ghost CMS
Dave McDaniel and other members of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered two vulnerabilities in Ghost CMS, one authentication bypass vulnerability and one enumeration vulnerability. Ghost is a content management system with tools to build
Vulnerability Spotlight: Denial-of-service vulnerability discovered in VMWare vCenter
Cisco Talos recently discovered a denial-of-service vulnerability in VMWare vCenter Server. VMware vCenter Server is a platform that enables centralized control and monitoring over all virtual machines and EXSi hypervisors included in vSphere. TALOS-2022-1588 (CVE-2022-31698) c
Vulnerability Spotlight: Memory corruption vulnerability discovered in PowerISO
Cisco Talos recently discovered a memory corruption vulnerability in PowerISO. TALOS-2022-1644 (CVE-2022-41992) is a memory corruption vulnerability that exists in the VHD File Format parsing functionality of PowerISO 8.3. A specially crafted file can lead to an out-of-bounds wr
Vulnerability Spotlight: NVIDIA driver memory corruption vulnerabilities discovered
Cisco Talos recently discovered two memory corruption vulnerabilities in shader functionality of an NVIDIA driver. NVIDIA Graphics drivers are software for NVIDIA Graphics GPU installed on the PC. They are used to communicate between the operating system and the GPU device. This
Vulnerability Spotlight: Lansweeper directory traversal and cross-site scripting vulnerabilities
Cisco Talos recently discovered several directory traversal and cross-site scripting vulnerabilities in Lansweeper. Lansweeper is an IT Asset Management solution that gathers hardware and software information of computers and other devices on a computer network for management, c
Vulnerability Spotlight: Callback Technologies CBFS Filter denial-of-service vulnerabilities
Cisco Talos recently discovered three denial-of-service vulnerabilities in Callback Technologies CBFS Filter. Callback Technologies has a CBFS file storage solution for use in customizing data persistence on devices. To accompany this, their CBFS Filter manages this file storage
Vulnerability Spotlight: Microsoft Office class attribute double-free vulnerability
Cisco Talos recently discovered a class attribute double-free vulnerability in Microsoft Office. Microsoft Office is a suite of tools used for productivity in both a corporate environment as well as by end-users. It offers a range of tools that can be used for various purposes.
Vulnerability Spotlight: Use-after-free vulnerabilities in Foxit Reader could lead to arbitrary code execution
Cisco Talos recently discovered several use-after-free vulnerabilities in Foxit Reader that could lead to arbitrary code execution. The Foxit Reader is one of the most popular PDF document readers, which aims to have feature parity with Adobe’s Acrobat Reader. As a complete and
Vulnerability Spotlight: Vulnerabilities in InHand router could give attackers access to console, delete files
This is just the latest set of vulnerabilities Talos has discovered in the InRouter302.
Vulnerability Spotlight: Vulnerabilities in Abode Systems home security kit could allow attacker to take over cameras, remotely disable them
Cisco Talos recently discovered several vulnerabilities in the Abode Systems iota All-In-One Security Kit.
Vulnerability Spotlight: Multiple issues in Robustel R1510 cellular router could lead to code execution, denial of service
Cisco Talos recently discovered nine vulnerabilities in the Robustel R1510 industrial cellular router, several of which could allow an adversary to inject operating system code remotely.
Vulnerability Spotlight: Vulnerabilities in popular library affect Unix-based devices
TALOS-2022-1517 (CVE-2022-29503 - CVE-2022-29504) is a memory corruption vulnerability in uClibC and uClibc-ng that can occur if a malicious user repeatedly creates threads.
Vulnerability Spotlight: Vulnerabilities in WWBN AVideo web app could lead to command injection, authentication bypass
Cisco Talos recently discovered multiple vulnerabilities in the WWBN AVideo web application that could allow an attacker to carry out a wide range of malicious actions, including command injection and authentication bypass. AVideo is an open-source web application that allows us
Vulnerability Spotlight: Three vulnerabilities in HDF5 file format could lead to remote code execution
Dave McDaniel of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered three vulnerabilities in a library that works with the HDF5 file format that could allow an attacker to execute remote code on a targeted device. These issues arise in the libhdf5 gif
Vulnerability Spotlight: Vulnerabilities in Alyac antivirus program could stop virus scanning, cause code execution
Jaewon Min of Cisco Talos discovered these vulnerabilities. Update (Aug. 3, 2022): Talos disclosed two new vulnerabilities in the Alyac antivirus software and added their details to this post. Cisco Talos recently discovered out-of-bounds read and buffer overflow vulnerabilitie
Vulnerability Spotlight: How misusing properly serialized data opened TCL LinkHub Mesh Wi-Fi system to 17 vulnerabilities
The TCL LinkHub Mesh Wi-Fi system is a multi-device Wi-Fi system that allows users to expand access to their network over a large physical area. What makes the LInkHub system unique is the lack of a network interface to manage the devices individually or in the mesh. Instead, a p
Vulnerability Spotlight: How a code re-use issue led to vulnerabilities across multiple products
Recently, I was performing some research on a wireless router and noticed the following piece of code: This unescape function will revert the URL encoded bytes to its original form. But something specifically caught my attention: There was no size check for the performed operati
Vulnerability Spotlight: Issue in Accusoft ImageGear could lead to memory corruption, code execution
Emmanuel Tacheau of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered a use-after-free vulnerability in Accusoft ImageGear's PSD header processing function. The ImageGear library is a document-imaging developer toolkit that allows users to create
Vulnerability Spotlight: Use-after-free condition in Google Chrome WebGPU
Piotr Bania of Cisco Talos discovered this vulnerability. Cisco Talos recently discovered an exploitable use-after-free vulnerability in Google Chrome’s WebGPU standard. Google Chrome is a cross-platform web browser — and Chromium is the open-source version of the browser that
Vulnerability Spotlight: Adobe Acrobat DC use-after-free issues could lead to arbitrary code execution
Aleksandar Nikolic of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered two use-after-free vulnerabilities in Adobe Acrobat Reader DC that could allow an attacker to eventually gain the ability to execute arbitrary code. Acrobat
Vulnerability Spotlight: Command injection vulnerabilities in Robustel cellular router
Francesco Benvenuto of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered four vulnerabilities in the Robustel R1510 industrial cellular router. The R1510 is a portable router that shares 2G, 3G and 4G wireless internet access. It
Vulnerability Spotlight: Vulnerabilities in Anker Eufy Homebase could lead to code execution, authentication bypass
Lilith >_> of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered three vulnerabilities in the Anker Eufy Homebase 2. The Eufy Homebase 2 is the video storage and networking gateway that works with Anker’s Eufy Smarthome ecos
Vulnerability Spotlight: Vulnerabilities in Open Automation Software Platform could lead to information disclosure, denial of service
Jared Rittle of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered eight vulnerabilities in the Open Automation Software Platform that could allow an adversary to carry out a variety of malicious actions, including improperly authenticating into the ta
Vulnerability Spotlight: Multiple memory corruption vulnerabilities in NVIDIA GPU driver
Piotr Bania of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered four vulnerabilities in the NVIDIA D3D10 driver for graphics cards that could allow an attacker to corrupt memory and write arbitrary memory on the card. NVIDIA graphics drivers are sof
Vulnerability Spotlight: How an attacker could chain several vulnerabilities in an industrial wireless router to gain root access
Cisco Talos recently discovered several vulnerabilities in InHand Networks’ InRouter302 that could allow an attacker to escalate their privileges on the targeted device from a non-privileged user to a privileged one. There are also multiple vulnerabilities that could allow an adv
Vulnerability Spotlight: Vulnerability in Alyac antivirus program could stop virus scanning, cause denial of service
Jaewon Min of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered an out-of-bounds read vulnerability in the ESTsecurity Corp.’s Alyac antivirus software that could cause a denial-of-service condition. If successful, an attacker could trigger this vuln
Vulnerability Spotlight: Two vulnerabilities in Accusoft ImageGear could lead to DoS, arbitrary free
Emmanuel Tacheau of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered two new vulnerabilities in Accusoft ImageGear. The ImageGear library is a document-imaging developer toolkit that allows users to create, edit, annotate and convert various images.
Vulnerability Spotlight: Heap overflow in Sound Exchange libsox library
Lilith >_> of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered an exploitable heap-based buffer overflow vulnerability in the sphere.c start_read() functionality of Sound Exchange libsox. The libsox library is a library of sound sample file fo
Deep dive: Vulnerabilities in ZTE router could lead to complete attacker control of the device
Cisco Talos’ vulnerability research team disclosed multiple vulnerabilities in the ZTE MF971R wireless hotspot and router in October. Several months removed from that disclosure and ZTE’s patch, we decided to take an even closer look at two of these vulnerabilities — CVE-2021-217
Vulnerability Spotlight: Vulnerabilities in Gerbv could lead to code execution, information disclosure
Claudio Bozzato of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered multiple vulnerabilities in the Gerbv file viewing software that could allow an attacker to execute arbitrary remote code or disclose sensitive information. Gerbv is an open-source
Vulnerability Spotlight: Vulnerabilities in Lansweeper could lead to JavaScript, SQL injections
Marcin “Icewall” Noga of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered multiple vulnerabilities in the Lansweeper IT asset management solution that could allow an attacker to inject JavaScript or SQL code on the targeted device. Lansweeper gather
Vulnerability Spotlight: Buffer overflow vulnerabilities in Accusoft ImageGear could lead to code execution
Francesco Benvenuto and Emmanuel Tacheau of Cisco Talos and another team member discovered these vulnerabilities. Cisco Talos recently discovered multiple vulnerabilities in Accusoft ImageGear. The ImageGear library is a document-imaging developer toolkit that allows users to c
Vulnerability Spotlight: Vulnerability in Hancom Office could lead to memory corruption, code execution
Marcin “Icewall” Noga of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered a vulnerability in Hancom Office — a popular software suite in South Korea — that could allow an attacker to corrupt memory on the targeted machine or execute remote code. Han
Vulnerability Spotlight: Vulnerabilities in Moxa MXView could allow attacker to view sensitive information, bypass login
Patrick DeSantis of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered two vulnerabilities in Moxa's MXview network management software that could allow an attacker to view sensitive data or bypass the need to log into the device. MXview is design
Vulnerability Spotlight: Use-after-free in Google Chrome could lead to code execution
Marcin Towalski of Cisco Talos discovered this vulnerability. Cisco Talos recently discovered an exploitable use-after-free vulnerability in Google Chrome. Google Chrome is a cross-platform web browser — and Chromium is the open-source version of the browser that other software
Vulnerability Spotlight: Multiple vulnerabilities in Sealevel SeaConnect
Francesco Benvenuto and Matt Wiseman of Cisco Talos discovered these vulnerabilities. Update (Feb. 16, 2022): We are also disclosing a vulnerability in the Texas Instruments CC3200 SimpleLink microcontroller that is related to the SeaConnect vulnerabilities outlined in this post
Vulnerability Spotlight: Memory corruption and use-after-free vulnerabilities in Foxit PDF Reader
Aleksandar Nikolic of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered a memory corruption and use-after-free vulnerability in the Foxit PDF Reader. Foxit PDF Reader is one of the most popular PDF document readers currently avai
Vulnerability Spotlight: WiFi-connected security camera could be manipulated to spy on communications, among other malicious actions
Francesco Benvenuto of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered several vulnerabilities in the Reolink RLC-410W security camera that could allow an attacker to perform several malicious actions, including performing man-in-the-middle attacks,
Vulnerability Spotlight: Vulnerability in Apple iOS, iPad OS and MacOS could lead to disclosure of sensitive memory data
Jaewon Min of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered an out-of-bounds read vulnerability in Apple’s macOS and iOS operating systems that could lead to the disclosure of sensitive memory content. An attacker could capitalize on that informat
Vulnerability Spotlight: Two vulnerabilities in Adobe Acrobat DC could lead to arbitrary code execution
Aleksandar Nikolic of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered two vulnerabilities in Adobe Acrobat Reader DC that could allow an attacker to eventually gain the ability to execute arbitrary code. Acrobat is one of the m
Vulnerability Spotlight: Heap buffer overflow condition in Google Chrome could lead to code execution
Marcin Towalski of Cisco Talos discovered this vulnerability. Cisco Talos recently discovered an exploitable heap-based buffer overflow vulnerability in Google Chrome. Google Chrome is a cross-platform web browser — and Chromium is the open-source version of the browser that ot
Vulnerability Spotlight: Buffer overflow vulnerability in AnyCubic Chitubox plugin
Carl Hurd of Cisco Talos discovered this vulnerability. Cisco Talos recently discovered an exploitable heap-based buffer overflow vulnerability in the Chitubox AnyCubic plugin. Chitubox is 3-D printing software for users to download and process models and send them to a 3-D pri
Vulnerability Spotlight: Vulnerabilities in metal detector peripheral could allow attackers to manipulate security devices
Matt Wiseman of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered multiple vulnerabilities in a device from Garrett Metal Detectors that could allow remote attackers to bypass authentication requirements, manipulate metal detector configurations, and
Vulnerability Spotlight: Vulnerabilities in DaVinci Resolve video editing software could lead to code execution
Cisco Talos recently discovered two vulnerabilities in the DaVinci Resolve video editing software that could allow an adversary to execute code in the context of the application. DaVinci Resolve is a non-linear video editing application from Blackmagic Software that is available
Vulnerability Spotlight: Use-after-free condition in Google Chrome could lead to code execution
Marcin Towalski of Cisco Talos discovered this vulnerability. Cisco Talos recently discovered an exploitable use-after-free vulnerability in Google Chrome. Google Chrome is a cross-platform web browser — and Chromium is the open-source version of the browser that other software
A review of Azure Sphere vulnerabilities: Unsigned code execs, kernel bugs, escalation chains and firmware downgrades
Summary of all the vulnerabilities reported by Cisco Talos in Microsoft Azure Sphere By Claudio Bozzato and Lilith [>_>]. In May 2020, Microsoft kicked off the Azure Sphere Security Research Challenge, a three-month initiative aimed at finding bugs in Azure Sphere. In
Vulnerability Spotlight: Multiple vulnerabilities in Advantech R-SeeNet
Yuri Kramarz discovered these vulnerabilities. Cisco Talos recently discovered multiple vulnerabilities in the Advantech R-SeeNet monitoring software. R-SeeNet is the software system used for monitoring Advantech routers. It continuously collects information from individual rou
Vulnerability Spotlight: PHP deserialize vulnerability in CloudLinux Imunity360 could lead to arbitrary code execution
Marcin “Icewall” Noga of Cisco Talos. Cisco Talos recently discovered a vulnerability in the Ai-Bolit functionality of CloudLinux Inc Imunify360 that could lead to arbitrary code execution. Imunify360 is a security platform for web-hosting servers that allows users to configure
Vulnerability Spotlight: Multiple code execution vulnerabilities in LibreCAD
Lilith >_> of Cisco Talos discovered this vulnerability. Cisco Talos recently discovered three vulnerabilities in LibreCAD’s libdfxfw open-source library. This library reads and writes .dxf and .dwg files — the primary file format for vector graphics in CAD software. Libr
Vulnerability Spotlight: Use-after-free vulnerability in Google Chrome could lead to code execution
Marcin Towalski of Cisco Talos discovered this vulnerability. Cisco Talos recently discovered an exploitable use-after-free vulnerability in Google Chrome. Google Chrome is a cross-platform web browser — and Chromium is the open-source version of the browser that other software
Vulnerability Spotlight: Vulnerabilities in Lantronix PremierWave 2050 could lead to code execution, file deletion
Matt Wiseman discovered these vulnerabilities. Cisco Talos recently discovered multiple vulnerabilities in Lantronix’s PremierWave 2050, an embedded Wi-Fi module. There are several vulnerabilities in PremierWave 2050’s Web Manager, a web-accessible application that allows users
Vulnerability Spotlight: Multiple vulnerabilities in ZTE MF971R LTE router
Cisco Talos recently discovered multiple vulnerabilities in the ZTE MF971R LTE portable router. The MF971R is a portable router with Wi-Fi support and works as an LTE/GSM modem. An attacker could exploit all these vulnerabilities by sending a specially crafted HTTP request to th
Vulnerability Spotlight: Code execution vulnerabilities in Nitro Pro PDF
A Cisco Talos team member discovered these vulnerabilities. Cisco Talos recently discovered multiple vulnerabilities in the Nitro Pro PDF reader that could allow an attacker to execute code in the context of the application. Nitro Pro PDF is part of Nitro Software’s Productivit
Vulnerability Spotlight: Use-after-free vulnerability in Microsoft Excel could lead to code execution
Marcin “Icewall” Noga of Cisco Talos discovered this vulnerability. Cisco Talos recently discovered a use-after-free vulnerability in the ConditionalFormatting functionality of Microsoft Office Excel 2019 that could allow an attacker to execute arbitrary code on the victim machi
Vulnerability Spotlight: Vulnerabilities in Anker Eufy Homebase could lead to code execution, buffer overflows
UUpdate (Nov. 29, 2021): Anker patched five other vulnerabilities in this product affecting the same version as originally listed in this blog. These have been added to the post. Lilith >_> of Cisco Talos discovered this vulnerability. Cisco Talos recently discovered two
Vulnerability Spotlight: Information disclosure vulnerability in D-LINK DIR-3040 mesh router
Dave McDaniel of Cisco Talos discovered this vulnerability. Cisco Talos recently discovered an exploitable information disclosure vulnerability in the D-LINK DIR-3040 smart WiFi mesh router that could allow an adversary to eventually turn off the device or remove other connected
Vulnerability Spotlight: Code execution vulnerability in Nitro Pro PDF
A Cisco Talos team member discovered these vulnerabilities. Cisco Talos recently discovered a vulnerability in the Nitro Pro PDF reader that could allow an attacker to execute code in the context of the application. Nitro Pro PDF is part of Nitro Software’s Productivity Suite.
Vulnerability Spotlight: Heap buffer overflow vulnerability in Ribbonsoft dxflib library
Lilith >_> of Cisco Talos discovered this vulnerability. Cisco Talos recently discovered an exploitable heap-based buffer overflow vulnerability in Ribbonsoft’s dxflib library that could lead to code execution. The dxflib library is a C++ library utilized by digital desig
Vulnerability Spotlight: Memory corruption vulnerability in Daemon Tools Pro
Piotr Bania of Cisco Talos discovered this vulnerability. Cisco Talos recently discovered a memory corruption vulnerability in Disc Soft Ltd.'s Daemon Tools Pro. Daemon Tools Pro is a professional emulation software that works with disc images and virtual drives. It allows
Vulnerability Spotlight: Multiple integer overflow vulnerabilities in GPAC Project on Advanced Content
A Cisco Talos team member discovered these vulnerabilities. Cisco Talos recently discovered multiple integer overflow vulnerabilities in the GPAC Project on Advanced Content that could lead to memory corruption. The GPAC Project on Advanced Content is an open-source cross-platf
Vulnerability Spotlight: Multiple vulnerabilities in AT&T Labs’ Xmill utility
Carl Hurd of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered multiple vulnerabilities in AT&T Labs’ Xmill utility. An attacker could take advantage of these issues to carry out a variety of malicious actions, including corrupting the application
Vulnerability Spotlight: Code execution vulnerability in Mozilla Firefox
Marcin “Icewall” Noga of Cisco Talos discovered this vulnerability. Cisco Talos recently discovered a use-after-free vulnerability in Mozilla Firefox that could lead to code execution. Firefox is a widely used web browser available on many operating systems. This specific vulne
Vulnerability Spotlight: Use-after-free vulnerability in tinyobjloader
Lilith >_> of Cisco Talos discovered this vulnerability. Cisco Talos recently discovered that a specific function of tinyobjloader does not properly validate array indexes. An adversary could trick a user into opening a specially crafted file, causing an index out-of-bound
Vulnerability Spotlight: Memory corruption vulnerability in PowerISO’s DMG handler
Piotr Bania of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered a memory corruption vulnerability in PowerISO’s handler that deals with DMG files. PowerISO is a CD/DVD/BD image file processing tool, which allows users to open, extr
Vulnerability Spotlight: Multiple vulnerabilities in Synology DiskStation Manager
The vulnerabilities exist in various features inside the operating system, including AppArmor and QuickConnect.
Vulnerability Spotlight: Out-of-bounds read vulnerability in Slic3r could lead to information disclosure
Lilith >_> of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered an out-of-bounds read vulnerability in Slic3r's library. Slic3r is an open-source 3-D printing toolbox, mainly utilized for translating assorted 3-D printing m
Vulnerability Spotlight: Multiple vulnerabilities in PrusaSlicer
Lilith >_> of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered two out-of-bounds write vulnerabilities in Prusa Research’s PrusaSlicer. Prusa Slicer is an open-source 3-D printer slicing program forked off Slic3r that can c
Vulnerability Spotlight: Denial-of-service vulnerability in Rockwell Automation RSLinx
Alexander Perez-Palma of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered a denial-of-service vulnerability in the Ethernet/IP server functionality of Rockwell Automation RSLinx Classic. An attacker could exploit this vulnerability
Vulnerability Spotlight: Multiple vulnerabilities in NZXT computer monitoring software
Carl Hurd of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. NZXT’s CAM computer monitoring software contains multiple vulnerabilities an attacker could use to carry out a range of malicious actions. CAM provides users information on their machines, such as fan s
Vulnerability Spotlight: Two vulnerabilities in Lantronix XPort EDGE
Kelly Leuschner of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Executive summary Cisco Talos recently discovered two vulnerabilities in the Web Manager functionality of Lantronix XPort EDGE. The XPort EDGE is a next-generation wired Ethernet gateway for
Vulnerability Spotlight: Remote code execution vulnerabilities in Schneider Electric EcoStruxure
Alexander Perez-Palma and Jared Rittle of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered two code execution vulnerabilities in Schneider Electric EcoStruxure. An attacker could exploit these vulnerabilities by sending the victim a
Vulnerability Spotlight: Multiple vulnerabilities in Synology SRM (Synology Router Manager)
An adversary could use these vulnerabilities to carry out a range of malicious actions, including executing remote code on the device, the exposure of sensitive information regarding the victim’s network and communication with other devices connected to the same network.