Cisco Talos has identified and disclosed vulnerabilities in Asus Armoury Crate and Adobe Acrobat Reader, which have now been patched by the vendors. Users should update their software to mitigate risks associated with these security flaws. #AsusArmouryCrate #AdobeAcrobatReader
Keypoints
- Cisco Talos disclosed two vulnerabilities in Asus Armoury Crate, including a buffer overflow and an authorization bypass.
- The Asus vulnerabilities affect version 5.9.13.0 and can be exploited via crafted I/O request packets or hard links.
- Adobe Acrobat Reader has out-of-bounds read and use-after-free vulnerabilities that can lead to data disclosure and memory corruption.
- The Adobe vulnerabilities involve malicious font files and scripted PDF objects to trigger exploitation.
- Both sets of vulnerabilities have been patched, and users are advised to update their software to prevent exploitation.
Read More: https://blog.talosintelligence.com/asus-and-adobe-vulnerabilities/