<ciso brief/>
Tag Banner

All news with #integer overflow tag

all tags →

Tue, November 4, 2025

Talos Discloses TruffleHog, Fade In, and BSAFE Flaws

#Security Advisory #Patch #TruffleHog #Fade In #Dell BSAFE #RCE #Use-After-Free #Stack Overflow #Integer Overflow

🔒 Cisco Talos’ Vulnerability Discovery & Research team disclosed multiple vulnerabilities affecting TruffleHog, Fade In, and Dell BSAFE Crypto-C, including arbitrary code execution, out-of-bounds write/use-after-free, and integer/stack overflow issues. The issues were reported by Talos researchers and external collaborators and vendors have issued patches following Cisco’s disclosure policy. Users should apply vendor updates, deploy updated detection rules such as Snort signatures, and consult Talos advisories for indicators and recommended mitigations.

read more →

Tue, September 16, 2025

Siemens Integer Overflow Vulnerabilities in Industrial Devices

#Security Advisory #Patch #Siemens #Industrial Control Systems #Integer Overflow

🔔 Siemens ProductCERT and CISA report multiple integer overflow vulnerabilities (CVE-2021-41990, CVE-2021-41991) affecting a broad set of SIMATIC NET CP, SINEMA and SCALANCE devices. Exploitation can cause denial-of-service by triggering integer wraparound; remote code execution is considered unlikely. Siemens provides firmware fixes and workarounds; operators should apply vendor updates, restrict network exposure and follow Siemens operational security guidance.

read more →