Cisco Talos disclosed multiple vulnerabilities in Dell BSAFE, Fade In, and TruffleHog, all of which have been patched by the vendors. These vulnerabilities include out-of-bounds writes, use-after-free, and arbitrary code execution risks that could impact affected systems.
Key points
- Cisco Talos identified security flaws in Dell BSAFE, Fade In, and TruffleHog, which have now been patched.
- Fade In software suffers from out-of-bounds write and use-after-free vulnerabilities in its XML parser.
- TruffleHog has a code execution vulnerability that can be exploited through malicious repositories.
- Dell BSAFE vulnerabilities involve integer overflow, underflow, and stack overflow issues related to ASN.1 records.
- Organizations using affected software should update to the latest versions and monitor for exploit activity with Snort rule sets.
Read More: https://blog.talosintelligence.com/trufflehog-fade-in-and-bsafe-crypto-c-vulnerabilities/