Vulnerability Research

May 5, 2017

THREAT RESEARCH

Vulnerability Spotlight: Power Software PowerISO ISO Code Execution Vulnerabilities

1 min read

These vulnerabilities were discovered by Piotr Bania of Cisco Talos. Today, Talos is releasing details of a new vulnerability discovered within the Power Software PowerISO disk imaging software. TALOS-2017-0318 and TALOS-2017-0324 may allow an attacker to execute arbitrary code remotely on the vulnerable system when a specially crafted ISO image is opened and parsed by […]

May 4, 2017

THREAT RESEARCH

Vulnerability Spotlight: AntennaHouse DMC Library Arbitrary Code Execution Flaws

1 min read

These vulnerabilities were discovered by Marcin ‘Icewall’ Noga of Talos. Today, Talos is disclosing several vulnerabilities that have been identified in the AntennaHouse DMC library which is used in various products for web-based document searching and rendering. These vulnerabilities manifest as a failure to correctly parse Microsoft Office documents and could be exploited to achieve […]

April 21, 2017

THREAT RESEARCH

Vulnerability Spotlight: Hard-coded Credential Flaw in Moxa ICS Wireless Access Points Identified and Fixed

1 min read

Earlier this month, Talos responsibly disclosed a set of vulnerabilities in Moxa ICS wireless access points. While most of the vulnerabilities were addressed in the previous set of advisories, Talos has continued to work with Moxa to ensure all remaining vulnerabilities that Talos identified are patched. Today in coordination with Moxa, Talos is disclosing the […]

April 10, 2017

THREAT RESEARCH

From Box to Backdoor: Discovering Just How Insecure an ICS Device is in Only 2 Weeks

1 min read

Inspired by "From LOW to PWNED," we decided to take a look at one Industrial Control System (ICS) wireless access point and see just how many vulnerabilities we could find in two weeks.

March 27, 2017

THREAT RESEARCH

Vulnerability Spotlight: Certificate Validation Flaw in Apple macOS and iOS Identified and Patched

1 min read

Most people don’t give much thought to what happens when you connect to your bank’s website or log in to your email account. For most people, securely connecting to a website seems as simple as checking to make sure the little padlock in the address bar is present. However, in the background there are many […]

February 14, 2017

THREAT RESEARCH

Vulnerability Spotlight: Apple Garage Band Out of Bounds Write Vulnerability

1 min read

Discovered by Tyler Bohan of Cisco Talos Overview Talos is disclosing TALOS-2016-0262  (CVE-2017-2372) and TALOS-2017-0275  (CVE-2017-2374), an out of bounds write vulnerability in Apple GarageBand. GarageBand is a music creation program, allowing users to create and edit music easily and effectively from their Mac computer. GarageBand is installed by default on all Mac computers so […]

January 20, 2017

THREAT RESEARCH

Vulnerability Spotlight: Adobe Acrobat Reader DC jpeg Decoder Vulnerability

1 min read

Discovered by Aleksandar Nikolic of Cisco Talos Overview Talos is disclosing TALOS-2016-0259 / CVE-2017-2791 an uninitialized memory vulnerability in Adobe Acrobat Reader DC. Adobe Acrobat Reader is one of the largest and well known PDF readers available today. This particular vulnerability is associated with the JPEG Decoder functionality embedded in the application. A specially crafted […]

October 18, 2016

THREAT RESEARCH

Vulnerability Spotlight: Hopper Disassembler ELF Section Header Size Code Execution

1 min read

Vulnerability Discovered by Tyler Bohan and Cory Duplantis of Cisco Talos Talos has identified an exploitable out-of-bounds write vulnerability in the ELF Section Header parsing functionality of Hopper (TALOS-2016-0222/CVE-2016-8390). Hopper is a reverse engineering tool for macOS and Linux allowing the user to disassemble and decompile 32/64bit Intel-based Mac, Linux, Windows and iOS executables. During the parsing […]

October 18, 2016

THREAT RESEARCH

Vulnerability Spotlight: Foxit PDF Reader JBIG2 Parser Information Disclosure

1 min read

Vulnerability discovered by Aleksandar Nikolic of Talos. Talos has identified an information disclosure vulnerability in Foxit PDF Reader (TALOS-2016-0201/CVE-2016-8334). A wrongly bounded call to `memcpy`, while parsing jbig2 segments within a PDF file, can be triggered in Foxit PDF Reader causing an out-of-bounds heap memory to be read into a buffer. The `memcpy` call is properly […]