New Threat Research: MalSync Teardown: From DLL Hijacking to PHP Malware for Windows  

Read Threat Research

Search

Cisco Talos Team Discovers Vulnerabilities in Accusoft ImageGear

Eight vulnerabilities have recently been discovered in Accusofts ImageGear software by the Cisco Talos team. These vulnerabilities can cause issues such as memory corruption and remote code execution. The first three, TALOS-2021-1257 (CVE-2021-21793), TALOS-2021-1261 (CVE-2021-21794) and TALOS-2021-1289 (CVE-2021-21824) could all be triggered by an attacker getting the victim to open a malicious file. The second batch, TALOS-2021-1264 (CVE-2021-21795), TALOS-2021-1276 (CVE-2021-21808), TALOS-2021-1286 (CVE-2021-21821) and TALOS-2021-1275 (CVE-2021-21807) if executed correctly could lead to memory corruption. Lastly, Talos also found TALOS-2021-1296 (CVE-2021-21833) which could eventually lead to remote code execution.

Analyst Notes

Accusoft and Cisco have worked together to put out an update that will mitigate these issues. It is advised that any ImageGear version 19.8 and 19.9 users implement the update as soon as possible. A list of SNORT rules has also been released, those include, 54411 – 54414, 57249 – 57252, 57270 – 57273, 57301, 57302, 57378, 57379.

https://blog.talosintelligence.com/2021/06/vuln-spotlight-accusoft-.html?&web_view=true&m=1