[HackerNews] Squirrel Engine Bug Could Let Attackers Hack Games and Cloud Services

Researchers have disclosed an out-of-bounds read vulnerability in the Squirrel programming language that can be abused by attackers to break out of the sandbox restrictions and execute arbitrary code within a SquirrelVM, thus giving a malicious actor complete access to the underlying machine. 
Tracked as CVE-2021-41556, the issue occurs when a game library referred to as Squirrel Engine is used

Source: Read More (The Hacker News)

You might be interested in …

[SecurityWeek] Voltage Glitching Attack on AMD Chips Poses Risk to Cloud Environments

All posts, Security Week

Researchers have described a voltage glitching attack that shows AMD’s Secure Encrypted Virtualization (SEV) technology may not provide proper protection for confidential data in cloud environments. The research was conducted by a team from the Technical University of Berlin (TU Berlin) and it was detailed in a paper published this week. read more Source: Read […]

Read More

[SecurityWeek] Several Vulnerabilities Patched in ‘MDT AutoSave’ Industrial Automation Product

All posts, Security Week

Industrial automation solutions provider MDT Software has patched several critical and high-severity vulnerabilities in its flagship product, MDT AutoSave. read more Source: Read More (SecurityWeek RSS Feed)

Read More

[ThreatPost] Cisco BPA, WSA Bugs Allow Remote Cyberattacks

All posts, ThreatPost

The high-severity security vulnerabilities allow elevation of privileges, leading to data theft and more. Source: Read More (Threatpost)

Read More