< ciso
brief />
Tag Banner

All news with #buffer overflow tag

47 articles · page 2 of 3

Critical GNU inetutils Telnet RCE Allows Root Access

⚠️ Security researchers at Dream Security disclosed a critical buffer overflow in GNU inetutils telnetd (CVE-2026-32746) that enables unauthenticated remote code execution as root during Telnet negotiation. The flaw originates in the SLC handler which writes into a fixed 108‑byte buffer without bounds checking, producing an arbitrary write. Dream notified maintainers on March 11 and a patch was prepared the next day; administrators should disable telnetd, restrict or block TCP/23, or migrate to SSH until updates are applied.
read more →

Critical RCE in Grandstream GXP1600 VoIP Phones Exposed

⚠️ Researchers disclosed an unauthenticated stack-based buffer overflow (CVE-2026-2329) in Grandstream GXP1600-series VoIP phones that can yield remote code execution as root. The flaw lies in the web API endpoint /cgi-bin/api.values.get, where a malformed colon-delimited "request" parameter overruns a 64-byte stack buffer. Affected models include GXP1610/1615/1620/1625/1628/1630; Grandstream released firmware 1.0.7.81 to fix the issue. Rapid7 published a Metasploit module demonstrating exploitation and post-exploitation risks such as credential theft and SIP proxy hijacking.
read more →

AI Discovers Twelve New Vulnerabilities in OpenSSL Release

🔍 In the January 27, 2026 OpenSSL security release, twelve previously unknown zero-day vulnerabilities were announced, all originally discovered and responsibly disclosed by our AI research system, AISLE. Ten of the issues were assigned CVE-2025 identifiers and two received CVE-2026 identifiers. One high-profile finding, CVE-2025-15467, is a stack buffer overflow with a NIST CVSS v3 score of 9.8 and has already produced public exploits. Five of the twelve accepted fixes were directly proposed by AISLE, and several bugs dated back to 1998–2000, including code inherited from the original SSLeay implementation.
read more →

Delta Electronics ASDA-Soft Stack Overflow (CVE-2026-1361)

⚠ A stack-based buffer overflow has been identified in Delta Electronics ASDA-Soft when parsing .par files, allowing an attacker to write data past a stack buffer and corrupt a structured exception handler (SEH). The issue affects versions <= 7.2.0.0 (CVE-2026-1361) and is assigned a CVSS v3.1 base score of 7.8 (High). Delta released fixed ASDA-Soft version 7.2.2.0 and published advisory Delta-PCSA-2026-00003; CISA reports no known public exploitation and notes the vulnerability is not remotely exploitable.
read more →

30-Year-Old Heap Overflow Fixed in libpng 1.6.55 Patch

⚠️ Developers patched a nearly 30-year-old heap buffer overflow in the libpng image library—fixed in libpng 1.6.55—that can crash applications processing crafted PNG files and, with careful heap grooming, enable information disclosure or remote code execution. The flaw exists in the png_set_quantize function when called without a histogram and with oversized palettes. A proof-of-concept is public; users and distributors should upgrade promptly.
read more →

Siemens Desigo CC and SENTRON Powermanager CodeMeter Flaw

🔒 Siemens reports a heap-based buffer overflow in the WIBU CodeMeter Runtime used by Desigo CC and SENTRON Powermanager products. The flaw (CVE-2023-38545) occurs during the SOCKS5 proxy handshake when curl mishandles hostnames longer than 255 bytes and can enable code execution in the context of the affected process. Siemens provides instructions to update the CodeMeter Runtime component and advises upgrading affected systems to V8.0 QU2 or later; follow the vendor's patching guidance promptly.
read more →

o6 Automation Open62541 JSON PubSub Heap Overflow Advisory

⚠️ o6 Automation's Open62541 contains a heap out-of-bounds write in builds with PubSub and JSON enabled. A crafted JSON message can overwrite heap memory prior to authentication, reliably crashing the process and causing memory corruption. The vulnerability affects versions >=1.5-rc1 and <1.5-rc2 (CVE-2026-1301). Upgrade to v1.5.0 and apply network-access mitigations such as isolating control networks and restricting remote access to reduce exposure.
read more →

Johnson Controls ICU Stack-Based Overflow Patch Available

⚠️ The Cybersecurity and Infrastructure Security Agency (CISA) warns of a stack-based buffer overflow in Johnson Controls' iSTAR Configuration Utility (ICU), tracked as CVE-2025-26386. The vulnerability affects ICU versions <= 6.9.7 and, under certain conditions, could lead to an operating system failure on the host machine. Johnson Controls released a vendor fix; update ICU to version 6.9.8. CISA recommends applying the update promptly and following network-segmentation and remote-access best practices to reduce exposure.
read more →

Schneider Electric EcoStruxure Power Build Vulnerabilities

🔒 Schneider Electric disclosed vulnerabilities in EcoStruxure Power Build Rapsody that can cause memory corruption and buffer overflows when importing project (SSD) files. Two tracked issues — CVE-2025-13844 (double free, CVSS 5.3) and CVE-2025-13845 (use-after-free, CVSS 7.8) — may allow local attackers to execute code if a user opens a malicious file. Schneider released regional fixed builds; users should install the appropriate update, restart services, and follow recommended mitigations if patching is delayed.
read more →

LabVIEW Multiple Vulnerabilities Allow Code Execution

⚠ National Instruments released patches addressing multiple vulnerabilities in LabVIEW that could allow information disclosure and arbitrary code execution if a user opens a specially crafted VI file. The flaws include out-of-bounds read/write, use-after-free, and a stack-based buffer overflow across several LabVIEW releases up to 2025_Q3. Administrators should apply the vendor Q3 patch updates and minimize exposure of LabVIEW files while performing risk assessments.
read more →

AzeoTech DAQFactory Multiple Memory-Corruption Flaws

🛡️ CISA warns of multiple memory-corruption vulnerabilities in AzeoTech DAQFactory (release 20.7 and prior) that can be triggered by specially crafted .ctl files. The flaws include out-of-bounds read/write, heap and stack overflows, use-after-free, type confusion, and access of uninitialized pointers; several have CVSS v4 scores up to 8.4. DAQFactory 21.1 addresses these issues and AzeoTech advises avoiding untrusted documents, restricting .ctl file permissions, and using Safe Mode when loading unverified files.
read more →

Ashlar-Vellum Products: Out-of-Bounds Write & Heap Overflow

🔒 Ashlar-Vellum has released updates addressing two vulnerabilities—an Out-of-Bounds Write (CVE-2025-65084) and a Heap-based Buffer Overflow (CVE-2025-65085)—affecting Cobalt, Xenon, Argon, Lithium, and Cobalt Share up to version 12.6.1204.207. Both flaws could allow local attackers to disclose information or execute arbitrary code; vendor updates to 12.6.1204.208 or later are available. CISA assigns a CVSS v4 base score of 8.4, notes low attack complexity, and reports no known public exploitation; these issues are not remotely exploitable.
read more →

Rockwell Arena Stack-Based Buffer Overflow Patch Released

🔒 Rockwell Automation has released an update for Arena Simulation to address a stack-based buffer overflow (CWE-121) in the parsing of DOE files that could allow local attackers to execute arbitrary code. The issue, tracked as CVE-2025-11918 (CVSS v4 7.1), affects versions 16.20.10 and earlier and requires opening a malicious DOE file. Rockwell fixed the vulnerability in 16.20.11; users should upgrade or apply recommended mitigations to reduce exposure.
read more →

Siemens LOGO! 8 Vulnerabilities: Remote Exploitation Risk

⚠️ Siemens published an advisory for LOGO! 8 and SIPLUS LOGO! devices detailing three vulnerabilities (CVE-2025-40815, CVE-2025-40816, CVE-2025-40817) that could enable remote code execution, denial-of-service, or unauthenticated device manipulation. CVE-2025-40815 is a buffer overflow (CVSSv4 8.6) caused by improper TCP packet validation; the others are missing-authentication issues affecting IP and time configuration. Siemens is preparing fixes; interim mitigations include protecting LSC access with a strong password and restricting UDP port 10006 to trusted IPs while CISA recommends impact analyses before changes.
read more →

Canon TTF Printer Vulnerability Allows Remote Code Execution

🖨️ Independent researcher Peter Geissler disclosed a critical vulnerability (CVE-2024-12649) in certain Canon printers that can be triggered simply by printing an XPS document containing a malicious TTF font. The exploit abuses TTF hinting instructions to overflow a virtual-machine stack in the printer’s font engine, allowing code execution on devices running Canon’s DryOS. Canon has issued firmware updates, but organizations should promptly patch, restrict printer exposure, and segment printers to reduce risk.
read more →

Delta Electronics CNCSoft-G2 Stack Overflow Advisory

⚠️ Delta Electronics and CISA warn of a stack-based buffer overflow in CNCSoft-G2 (CVE-2025-58317) affecting versions 2.1.0.27 and earlier. When a user opens a specially crafted file, an attacker could execute arbitrary code in the context of the affected process; the vulnerability received a CVSS v4 base score of 8.5 and is characterized by low attack complexity. Delta recommends updating to Version 2.1.0.34 or later. CISA advises minimizing network exposure for control systems, isolating control networks, and using secure remote access methods.
read more →

Fuji Electric Monitouch V-SFT-6 Buffer Overflow Advisory

⚠️ Fuji Electric Monitouch V-SFT-6 (v6.2.7.0) contains two buffer overflow vulnerabilities — a heap-based and a stack-based overflow — triggered by specially crafted project files. Identified as CVE-2025-54496 and CVE-2025-54526, both carry CVSS v3.1 scores of 7.8 and CVSS v4 scores of 8.4. Successful exploitation could crash the HMI and may permit code execution; the vendor issued fixes in V6.2.8.0 and recommends updating to V6.2.9.0 or later.
read more →

Google AI 'Big Sleep' Finds Five WebKit Flaws in Safari

🔒 Google’s AI agent Big Sleep reported five vulnerabilities in Apple’s WebKit used by Safari, including a buffer overflow, two memory-corruption issues, an unspecified crash flaw, and a use-after-free (CVE-2025-43429 through CVE-2025-43434). Apple issued patches across iOS 26.1, iPadOS 26.1, macOS Tahoe 26.1, tvOS 26.1, watchOS 26.1, visionOS 26.1 and Safari 26.1. Users are advised to install the updates promptly to mitigate crash and memory-corruption risks.
read more →

Delta ASDA-Soft Stack Overflow Vulnerabilities (2025)

⚠️ Delta Electronics' ASDA-Soft contains two stack-based buffer overflow vulnerabilities (CVE-2025-62579, CVE-2025-62580) affecting versions 7.0.2.0 and earlier. Both issues were assigned a CVSS v4 base score of 8.4 and can allow writing outside the intended stack buffer when a valid user opens a crafted project file. Exploitation requires local access and user interaction; no public exploitation has been reported to CISA. Delta has released ASDA-Soft v7.1.1.0 and users should update and apply network isolation and standard email/attachment precautions.
read more →

Siemens SiPass integrated vulnerabilities and update

🔒 Siemens released security updates for SiPass integrated to address four vulnerabilities—an Accusoft ImageGear heap-based buffer overflow, stored cross-site scripting, an authorization bypass via user-controlled keys, and recoverable password storage. Exploitation could enable account compromise, data manipulation, impersonation, or arbitrary code execution on affected servers. Siemens recommends updating to V3.0, restricting access to trusted personnel, and avoiding untrusted image uploads; CISA advises isolating devices and using secure remote access.
read more →