vulnerabilities

April 29, 2019

SECURITY

The PSIRT Services Framework: Helping the Industry Protect the Ecosystem

At Cisco, our leadership made the decision over twenty-four years ago that we would clearly and publicly communicate security vulnerabilities or other issues that could potentially expose customers to risk. This is when the Cisco Product Security Incident Response Team (PSIRT) was born. Our team and the…

April 15, 2019

THREAT RESEARCH

Vulnerability Spotlight: Multiple vulnerabilities in Shimo VPN’s helper tool

Cisco Talos is disclosing a series of vulnerabilities found in the Shimo VPN Helper Tool. Shimo VPN is a popular VPN client for macOS that can be used to connect multiple VPN accounts to one application. These specific vulnerabilities were found in the “helper tool,” a feature that Shimo VPN uses to…

March 19, 2019

THREAT RESEARCH

Vulnerability Spotlight: Multiple Vulnerabilities in CUJO Smart Firewall, Das U-Boot, OCTEON SDK, Webroot BrightCloud

Claudio Bozzato of Cisco Talos discovered these vulnerabilities. Executive summary: CUJO AI produces the CUJO Smart Firewall, a device that provides protection to home networks against a myriad of threats such as malware, phishing websites and hacking attempts. Cisco Talos recently discovered 11 vuln…

February 12, 2019

THREAT RESEARCH

Microsoft Patch Tuesday — February 2019: Vulnerability disclosures and Snort coverage

Microsoft released its monthly security update today, disclosing a variety of vulnerabilities in several of its products. The latest Patch Tuesday covers 69 vulnerabilities, 20 of which are rated “critical,” 46 that are considered “important” and three that are “moderate.” This release also includes…

January 30, 2019

THREAT RESEARCH

Vulnerability Spotlight: Multiple vulnerabilities in ACD Systems Canvas Draw 5

Cisco Talos is disclosing several vulnerabilities in ACD Systems’ Canvas Draw 5, a graphics-editing tool for Mac. The vulnerable component of Canvas Draw 5 lies in the handling of TIFF and PCX images. TIFF is a raster-based image format used in graphics editing projects, thus making it a very…

October 1, 2018

THREAT RESEARCH

Vulnerability Spotlight: Multiple Issues in Foxit PDF Reader

Overview: Cisco Talos is disclosing eighteen vulnerabilities in Foxit PDF Reader, a popular free program for viewing, creating and editing PDF documents. It is commonly used as an alternative to Adobe Acrobat Reader and has a widely used browser plugin.…

September 26, 2018

SECURITY

September 2018 Cisco IOS and IOS XE Software Bundled Publication

Today, September 26, 2018, we released the second and final Cisco IOS and IOS XE Software Security Advisory Bundled Publication of 2018. As a reminder, Cisco discloses vulnerabilities in Cisco IOS Software and Cisco IOS XE Software on a predictable schedule—the fourth Wednesday of March and Septembe…

August 14, 2018

THREAT RESEARCH

Microsoft Tuesday August 2018

Microsoft released its monthly set of security advisories today for vulnerabilities that have been identified and addressed in various products. This month’s advisory release addresses 62 new vulnerabilities, 20 of which are rated “critical,” 38 that are rated “important,” one that is rated mo…

June 19, 2018

THREAT RESEARCH

Vulnerability Spotlight: Multiple Remote Vulnerabilities In Insteon Hub PubNub

Cisco Talos is disclosing twelve new vulnerabilities in Insteon Hub, ranging from remote code execution to denial of service. The majority of the vulnerabilities have their root cause in the unsafe usage of the strcpy() function, leading either to stack overflow or global overflow.