all InfoSec news
Vulnerability Spotlight: Vulnerabilities in Alyac antivirus program could stop virus scanning, cause code execution
Cisco Talos Intelligence Group - Comprehensive Threat Intelligence blog.talosintelligence.com
Jaewon Min of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw.
Update (Aug. 3, 2022): Talos disclosed two new vulnerabilities in the Alyac antivirus software and added their details to this post.
Cisco Talos recently discovered out-of-bounds read and buffer overflow vulnerabilities in ESTsecurity Corp.’s Alyac antivirus software that could cause a denial-of-service condition or arbitrary code execution. Alyac is an antivirus software developed for Microsoft Windows machines.
TALOS-2022-1452 (CVE-2022-21147) is a vulnerability that exists in a specific Alyac …
antivirus code code execution cve program scanning securex spotlight virus vulnerabilities vulnerability