all InfoSec news
OAS Engine Deep Dive: Abusing low-impact vulnerabilities to escalate privileges
Malware Analysis, News and Indicators - Latest topics malware.news
Open Automation Software recently released patches for multiple vulnerabilities in their OAS Engine.
Cisco Talos publicly disclosed these issues after working with Open Automation Software to ensure that patches were available for users. Now that a fix has been released with Version 19, we want to take the time to dive into a few of these vulnerabilities and show how a handful of bugs that could be viewed as low-impact could be exploited as a series to carry out …
abusing automation cisco cisco talos deep dive dive engine fix impact low oas open automation software patches privileges software talos version vulnerabilities working