SELECTED BY THE TALOS SECURITY INTELLIGENCE AND RESEARCH GROUP
Title: Cisco warns of several vulnerabilities in routers aimed at small and mid-sized businesses
Description: Cisco recently disclosed 15 vulnerabilities in its RV series of wireless routers, five of which are considered critical. The RV routers are aimed at small and mid-sized businesses’ networks. Three of the vulnerabilities have the highest possible severity rating — including a remote code execution vulnerability and an issue that could allow an attacker to elevate their privileges. Taken as a group, these vulnerabilities could allow an attacker to carry out several malicious actions, including executing arbitrary commands and code, bypassing authentication processes and causing a denial of service.
References: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-smb-mult-vuln-KA9PK6D
SNORT® SIDs: 58967 - 58972, 58984, 58987 - 58989
Title: Vulnerability in Hancom Office could lead to memory corruption, code execution
Description: Cisco Talos recently discovered a vulnerability in Hancom Office — a popular software suite in South Korea — that could allow an attacker to corrupt memory on the targeted machine or execute remote code. Hancom Office offers services similar to those of Microsoft Office, including word processing and spreadsheet creation and management. CVE-2021-21958 exists in Hancom Office’s HwordApp.dll. An attacker-created malicious document could trigger a heap-based buffer overflow, eventually leading to code execution and/or memory corruption if the attacker follows a specific attack vector.
References: https://blog.talosintelligence.com/2022/02/vuln-spotlight-.html
SNORT® SIDs: 58365 and 58366