Vulnerability Spotlight: Vulnerability in Alyac antivirus program could stop virus scanning, cause denial of service



Jaewon Min of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw.

Cisco Talos recently discovered an out-of-bounds read vulnerability in ESTsecurity Corp.’s Alyac antivirus software that could cause a denial-of-service condition.

An attacker who successfully triggers this vulnerability could stop the program from scanning for malware, which would be crucial in a potential attack scenario. Alyac is an antivirus software developed for Microsoft Windows machines.

TALOS-2022-1452 (CVE-2022-21147) is a vulnerability that exists in a specific Alyac module that, eventually, leads to a crash of Alyac’s scanning process, which effectively neutralizes the antivirus scan.

Cisco Talos worked with ESTsecurity to ensure that this issue is resolved and an update is available for affected customers, all in adherence to Cisco’s vulnerability disclosure policy.

Users are encouraged to update these affected products as soon as possible: ESTsoft Alyac, version 2.5.7.7. Talos tested and confirmed this version is affected by this vulnerability.

The following SNORTⓇ rules will detect exploitation attempts against this vulnerability: 59014 and 59015. Additional rules may be released in the future and current rules are subject to change, pending additional vulnerability information. For the most current rule information, please refer to your Cisco Secure Firewall Management Center or Snort.org.

Related news

CVE-2022-21147: TALOS-2022-1452 || Cisco Talos Intelligence Group

An out of bounds read vulnerability exists in the malware scan functionality of ESTsoft Alyac 2.5.7.7. A specially-crafted PE file can trigger this vulnerability to cause denial of service and termination of malware scan. An attacker can provide a malicious file to trigger this vulnerability.
