SELECTED BY THE TALOS SECURITY INTELLIGENCE AND RESEARCH GROUP
Title: Cisco patches dozen vulnerabilities in Data Center Network Manager
Description: Cisco released multiple security advisories last week announcing patches for 12 vulnerabilities in the Data Center Network Manager software. The software allows users to manage their Cisco switches and fabric extenders. Three of the vulnerabilities disclosed (CVE-2019-15975, CVE-2019-15976 and CVE-2019-15977) could allow an unauthenticated, remote attacker to bypass authentication and carry out a variety of malicious tasks with administrative privileges on an affected device.
Reference: https://www.helpnetsecurity.com/2020/01/06/cisco-data-center-network-manager-flaws-fixed/
Snort SIDs: 52530 - 52547
Title: Buffer overflow vulnerabilities in OpenCV
Description: Cisco Talos recently discovered two buffer overflow vulnerabilities in the OpenCV libraries. An attacker could potentially exploit these bugs to cause heap corruptions and potentially code execution. Intel Research originally developed OpenCV in 1999, but it is currently maintained by the non-profit organization OpenCV.org. OpenCV is used for numerous applications, including facial recognition technology, robotics, motion tracking and various machine learning programs.
Reference: https://blog.talosintelligence.com/2020/01/opencv-buffer-overflow-jan-2020.html
Snort SIDs: 50774, 50775 (By Dave McDaniel)