cognitive cybersecurity intelligence

News and Analysis

Search

Serious security hole plugged in infosec tool binwalk

Security analysis tool Binwalk poses a risk to users running outdated versions due to a security pitfall that could lead to remote code execution. Researcher Quentin Kaiser discovered that a mistake in binwalk’s Professional File System extractor plugin has created a vulnerability that lets files be written outside of the extraction directory. Kaiser eventually alerted Microsoft-owned Refirm Labs to the issue, which released a patch for it after three months.

Source: portswigger.net –

Subscribe to newsletter

Subscribe to HEAL Security Dispatch for the latest healthcare cybersecurity news and analysis.

More Posts