Cisco Talos has disclosed multiple security vulnerabilities across three different software providers: WolfSSL, GeoVision, and VTK-DICOM. The findings include three vulnerabilities in WolfSSL involving improper input validation and integer underflow, and a significant set of fourteen advisories for GeoVision devices. These GeoVision flaws encompass 37 distinct CVEs, including critical issues such as OS command injection, memory corruption, and privilege escalation.
Additionally, a heap-based buffer overflow was identified in the VTK-DICOM API, an open-source tool used for processing medical imaging data. All vulnerabilities mentioned have been patched by their respective vendors in accordance with Cisco's disclosure policy. Security professionals are advised to update affected systems and utilize Snort rules to mitigate potential exploitation risks.
Top comments (0)