Cisco Blogs

Vulnerability Spotlight: EZB Systems UltraISO ISO Parsing Code Execution Vulnerability

August 2, 2017 - 2 Comments

Discovered by Piotr Bania of Cisco Talos

Today, Talos is releasing details of a new vulnerability discovered within the EZB Systems UltraISO ISO disk image creator software. TALOS-2017-0342 (CVE-2017-2840) may allow an attacker to execute arbitrary code remotely on the vulnerable system when a specially crafted ISO image is opened and parsed by the UltraISO software.


In an effort to keep conversations fresh, Cisco Blogs closes comments after 60 days. Please visit the Cisco Blogs hub page for the latest content.


  1. Another great and informative article.

  2. Excellent article, and thanks for the information, it’s good to know to be aware off and increase my personal knowledge. Thanks TALOS Teamwork.