all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

OAS Engine Deep Dive: Abusing low-impact vulnerabilities to escalate privileges

Add to bookmarks
Jan. 31, 2024, 5 p.m. | Jared Rittle

Cisco Talos Intelligence Group - Comprehensive Threat Intelligence blog.talosintelligence.com

Open Automation Software recently released patches for multiple vulnerabilities in their OAS Engine

Cisco Talos publicly disclosed these issues after working with Open Automation Software to ensure that patches were available for users. Now that a fix has been released with Version 19, we want to take the time

abusing automation cisco cisco talos deep dive dive engine fix impact low oas open automation software patches privileges software talos version vulnerabilities vulnerability deep dive working

Visit resource

More from blog.talosintelligence.com / Cisco Talos Intelligence Group - Comprehensive Threat Intelligence

New banking trojan “CarnavalHeist” targets Brazil with overlay attacks 1 day, 21 hours ago | blog.talosintelligence.com
attacks banking banking trojan banking trojans +19
Attackers are impersonating a road toll payment processor across the U.S. in phishing attacks 2 days, 15 hours ago | blog.talosintelligence.com
attackers attacks drivers equally +17
LilacSquid: The stealthy trilogy of PurpleInk, InkBox and InkLoader 2 days, 21 hours ago | blog.talosintelligence.com
apt apt groups bear campaign +7
New Generative AI category added to Talos reputation services 3 days, 16 hours ago | blog.talosintelligence.com
announcements artificial artificial intelligence audio +11
Out-of-bounds reads in Adobe Acrobat; Foxit PDF Reader contains vulnerability that could lead to SYSTEM-level … 3 days, 17 hours ago | blog.talosintelligence.com
acrobat adobe adobe acrobat application +14
Apple and Google are taking steps to curb the abuse of location-tracking devices — but … 1 week, 2 days ago | blog.talosintelligence.com
abuse adversaries airtag apple +16
From trust to trickery: Brand impersonation over the email attack vector 1 week, 3 days ago | blog.talosintelligence.com
adversaries attack attack vector brand +10
Rounding up some of the major headlines from RSA 2 weeks, 2 days ago | blog.talosintelligence.com
coming conference major may +3
Talos releases new macOS open-source fuzzer 2 weeks, 2 days ago | blog.talosintelligence.com
code fuzzer fuzzing linux +8

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland
View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City
View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL
View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US
View on infosec-jobs.com

Security Compliance Strategist

@ Grab | Petaling Jaya, Malaysia
View on infosec-jobs.com

Cloud Security Architect, Lead

@ Booz Allen Hamilton | USA, VA, McLean (1500 Tysons McLean Dr)
View on infosec-jobs.com