Threat Watch

Cisco Talos Team Discovers Vulnerabilities in Accusoft ImageGear

Eight vulnerabilities have recently been discovered in Accusofts ImageGear software by the Cisco Talos team. These vulnerabilities can cause issues such as memory corruption and remote code execution. The first three, TALOS-2021-1257 (CVE-2021-21793), TALOS-2021-1261 (CVE-2021-21794) and TALOS-2021-1289 (CVE-2021-21824) could all be triggered by an attacker getting the victim to open a malicious file. The second batch, TALOS-2021-1264 (CVE-2021-21795), TALOS-2021-1276 (CVE-2021-21808), TALOS-2021-1286 (CVE-2021-21821) and TALOS-2021-1275 (CVE-2021-21807) if executed correctly could lead to memory corruption. Lastly, Talos also found TALOS-2021-1296 (CVE-2021-21833) which could eventually lead to remote code execution.

Subscribe to Threat Watch

Daily summaries of threats, delivered straight to your inbox!


Click Here to Subscribe to Threat Watch

ANALYST NOTES

Accusoft and Cisco have worked together to put out an update that will mitigate these issues. It is advised that any ImageGear version 19.8 and 19.9 users implement the update as soon as possible. A list of SNORT rules has also been released, those include, 54411 – 54414, 57249 – 57252, 57270 – 57273, 57301, 57302, 57378, 57379.

https://blog.talosintelligence.com/2021/06/vuln-spotlight-accusoft-.html?&web_view=true&m=1

Facebook Twitter Instagram Youtube Linkedin
Solutions
Become a Reseller

Industries

Resources

About

Contact Us
Contact Support