All posts tagged: Internet

Overview
A stack-based buffer overflow vulnerability exists in GNU libtasn1, a low-level ASN.1 parsing library. The issue is caused by unsafe string concatenation in the asn1_expand_octet_string function located in decoding.c. Under worst-case conditions, this results in a one-byte stack overflow that may corrupt adjacent memory. While the overflow is limited to a single byte, such conditions can still lead to unexpected behavior when processing untrusted ASN.1 input data.
Description
GNU libtasn1 is a low-level C library for manipulating Abstract Syntax Notation One (ASN.1) data structures and encoding rules, including Distinguished Encoding Rules (DER). It implements functionality defined by ITU-T Recommendations X.680 and X.690 and is widely used as a foundational component in cryptographic software stacks to parse and validate complex ASN.1-encoded data.
A stack-based buffer overflow has been identified in the function asn1_expand_octet_string in the file decoding.c. The vulnerability arises from the use of unbounded string manipulation functions (strcpy and strcat) to construct a local stack buffer (name) using the fields definitions->name and p2->name. In the worst-case scenario, both source strings may be at their maximum allowed length. When concatenated together with an additional separator character (“.”) and a terminating null byte, the destination buffer is undersized by one byte. As a result, the final null terminator written by strcat overflows the allocated stack buffer by a single byte.
Although the overflow is limited in size, it occurs during the parsing of potentially untrusted ASN.1 input. One-byte stack overflows have historically led to subtle memory corruption issues and may cause unexpected behavior, including crashes, during cryptographic operations such as signature verification or certificate parsing.
Impact
An attacker could trigger the buffer overflow using a malformed ASN.1 data to potential corrupt memory or cause unexpected behavior. This requires breaking libtasn1’s assumption that ASN.1 structures passed to it are already validated by the main application using this library. The impact of this vulnerability is limited due to the one-byte nature of the overflow. Exploitation is constrained and may be further mitigated by modern compiler protections such as stack canaries, _FORTIFY_SOURCE, and other hardening mechanisms. However, as the GNU libtasn1 is commonly used in cryptographic libraries and security-sensitive contexts, malformed ASN.1 input triggering this condition could result in parsing failures or abnormal behavior during critical cryptographic operations, including signature verification and cryptographic data validation.
Solution
A patch addressing this issue has been proposed to the GNU libtasn1 project and is available for review and testing at: https://gitlab.com/gnutls/libtasn1/-/merge_requests/121. Developers and integrators are encouraged to evaluate the patch and apply appropriate mitigations, such as using bounded string operations or safer formatting functions, to eliminate the overflow condition in affected versions. Read https://gitlab.com/gnutls/libtasn1/-/blob/master/NEWS.md for updates
Acknowledgements
Thanks to Benny Zelster from Microsoft Research for coordinating the disclosure of this vulnerability.This document was written by Vijay Sarvepalli.

Overview
Kernel driver ProcessMonitorDriver.sys in Safetica’s endpoint client x64, versions 10.5.75.0 and 11.11.4.0, allows for an unprivileged user to abuse an IOCTL path and terminate protected system processes.
Description
Safetica is a Data Loss Prevention (DLP) and Insider Risk Management (IRM) software solution that helps organizations protect their data via detecting, analyzing, and mitigating threats. Safetica’s platform is AI-powered and is used by public and private organizations, globally.
A vulnerabilty has been discovered in Safetica’s ProcessMonitorDriver.sys kernel driver. A local, unprivileged user can abuse a vulnerable IOCTL (Input/Output Control) path in the kernel driver to cause privileged termination of arbitrary system processes. IOCTL interfaces allow user-mode software to send commands into the kernel space so that the driver can perform specific privileged actions such as terminating processes. Terminating Safetica’s processes in endpoint detection and response and antivirus software can blind their clients’ security monitoring on their machines. Improper input sanitization and user validation mechanisms can manipulate the kernel driver into privilege escalation and DOS (denial of service).
Impact
A threat actor can leverage this vulnerability and could use the IOCTL path to terminate processes repeatedly. This could lead to a DOS attack and render Safetica’s systems unavailable.
Solution
At the time of publication, no vendor-supported fix is available for the vulnerability affecting Safetica DLP kernel driver ProcessMonitorDriver.sys, which allows unprivileged users to abuse exposed IOCTL handlers to terminate arbitrary processes. Until an official patch or guidance is provided by the vendor, the following mitigations are recommended:

Monitor and Detect Abuse of IOCTL Calls Targeting the Driver: Safetica’s client organizations should actively monitor for suspicious or abnormal IOCTL handler requests. To detect this activity, clients should deploy kernel driver monitoring solutions like Endpoint Detection and Response or System Monitor-like telemetry (where supported). This will 1) identify unprivileged processes, 2) detect unusual IOCTL patterns, and 3) alert security teams when user-mode processes interact with the kernel driver.

Restrict or Block Access to the Vulnerable Driver via Policy Controls: To restrict access to ProcessMonitorDriver.sys, Safetica’s client organizations should use Windows Group Policy or Application Control policies (WDAC [https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/manage/group-policy/group-policy-overview] /AppLocker [https://learn.microsoft.com/en-us/windows/security/application-security/application-control/app-control-for-business/applocker/what-is-applocker]). This will prevent untrusted or non-administrative processes from loading or interacting with the driver, through policy-based enforcement mechanisms. These enforcement mechanisms can block untrusted or unsigned binaries from communicating with the kernel driver.

Acknowledgements
Thanks to the reporter, KOSEC LLC. This document was written by Ayushi Kriplani.

Overview
A Server-Side Template Injection (SSTI) vulnerability exists in the Genshi template engine due to unsafe evaluation of template expressions. Genshi processes template expressions using Python’s ‘eval()’ and ‘exec()’ functions while allowing fallback access to Python built-in objects. If an attacker can influence template expressions, this behavior can result in arbitrary code execution on the server.
Description
Genshi is a Python library developed by Edgewall, it provides an integrated set of components for parsing, generating, and processing HTML, XML, or other textual content for output generation on the web. Genshi is most used to render dynamic web pages in Python web frameworks.
Genshi evaluates template expressions, such as $…, through an internal expression evaluation mechanism implemented in Genshi’s ‘eval.py’.
During expression evaluation, variable resolution is performed by the ‘lookupname()’ method. If a variable is not found in the provided template data, Genshi falls back to resolving the name from Python’s built-in namespace. This namespace includes powerful built-in functions such as globals() ’ and ‘import’.
As a result, when an attacker can control or inject template expressions, they may access Python built-in functions and chain them to achieve arbitrary code execution.
Impact
If an attacker can influence or inject template expressions, this vulnerability allows arbitrary code execution with the privileges of the running application. Potential impacts include executing operating commands, deploying reverse shells or web shells, unauthorized access to sensitive data, or full compromise of the affected server. This issue effectively turns SSTI into Remote Code Execution (RCE).
Solution
At the time of publication, Genshi has not released an update addressing this issue. Until an official patch or guidance is provided by the vendor, the following mitigations are recommended:

Do not allow untrusted users to control template expressions or template sources. Templates must be treated as executable code.

Restrict or eliminate access to Python built-ins during template evaluation.

Avoid using ‘eval()’ or ‘exec()’ on dynamically constructed expressions when untrusted input is involved.

If user-defined templates are required, render them in a hardened sandbox environment.

Acknowledgements
Thanks to the reporter Jangwoo Choe. This document was written by Michael Bragg.

Overview
dr_flac, an open-source FLAC audio decoder, part of the dr_libs audio decoder toolset, contains an integer overflow vulnerability allowing for denial of service (DoS) when provided a specific crafted file. An attacker can exploit this vulnerability through providing a tool that uses dr_flac a specially crafted file, and can cause the tool to crash. The vulnerability, tracked as CVE-2025-14369, has been patched in commit b2197b2 of dr_flac. In an enterprise situation, audio tools that use dr_flac may be susceptible to crashes or other abnormal behavior if they process attacker-controlled files.
Description
dr_libs is an open-source audio decoding tool. It is made of three separate tools, dr_flac, dr_mp3, and dr_wav, which can decode FLAC, MP3, and WAV files respectively.
An integer overflow vulnerability has been discovered, tracked as CVE-2025-14369 within dr_libs. An attacker who can supply crafted input FLAC files to the tool may trigger allocation of a large amount of memory, leading to a crash or unintended function of the tool.
During function, a single block of memory could be allocated to totalPCMFrameCount from the FLAC metadata without validation before the calculation of the bugger size. This could result in a specifically crafted file being allocated an arbitrary amount of memory space.
Impact
An attacker able to send input data in the form of FLAC files to the tool or other input stream that uses dr_flac could cause a crash or DoS attack.
Solution
Commit b2197b2, released on GitHub, fixes the issue. Users should update to the latest version ASAP. All versions prior to commit b2197b2 are affected.
Acknowledgements
Thanks to the reporter who wishes to remain Maor Caplan.This document was written by Christopher Cullen.

Overview
Multiple vulnerabilities were discovered in The Librarian, an AI-powered personal assistant tool provided by the company TheLibrarian.io. The Librarian can be used to manage personal email, calendar, documents, and other information through external services, such as Gmail and Google Drive, and also summarize meetings and schedule emails.
The vulnerabilities are among internal tools that The Librarian uses during its normal functions.
These tools, view_document, web_fetch, and image_generate, allow an authenticated user
* access to the administrative console
* internal web crawling and port scanning of the internal infrastructure for thelibrarian.io
* disclosure of the internal system prompt for The Librarian
All vulnerabilities have since been fixed by thelibrarian.io, and the tools have now been deprecated.
Description
TheLibrarian.io is an AI company that offers the namesake AI-powered personal assistant tool, “The Librarian”. This assistant can perform a variety of services and can integrate with other external applications. Some of these abilities include calendar management, sending email, and document management. Integratable services include Google products such as Gmail and Google Drive.
A series of vulnerabilities have been discovered within The Librarian that enable an attacker to access the internal infrastructure of TheLibrarian.io, including the administrator console and cloud environment. They also permit disclosure of the internal system prompt, web crawling, log access, and viewing of internal processes that infrastructure for TheLibrarian.io is running.
Below is a list of all the vulnerabilities and respective CVE IDs assigned to them.
VU#383552.1
The Librarian image_generation tool can be used to disclose the full system prompt through requesting an image to be generated with the embedded system prompt.
VU#383552.2
The Librarian view_document tool can be used to disclose the full system prompt through requesting the system prompt be appended to a document that is uploaded to the system.
CVE-2026-0612
The Librarian contains a information leakage vulnerability through the web_fetch tool, which can be used to retrieve arbitrary external content provided by an attacker, which can be used to proxy requests through The Librarian infrastructure.
CVE-2026-0613
The Librarian contains an internal port scanning vulnerability, facilitated by the web_fetch tool, which can be used with SSRF-style behavior to perform GET requests to internal IP addresses and services, enabling scanning and metadata retrieval of the Hertzner cloud environment that TheLibrarian uses.
CVE-2026-0615
The Librarian supervisord status page can be retrieved by the web_fetch tool, which can be used to retrieve running processes within The Librarian backend.
CVE-2026-0616
The Librarian’s web_fetch tool can be used to retrieve the Adminer interface content, which can then be used to log in to the internal backend system of The Librarian.
Impact
An attacker who exploits these vulnerabilities could control a wide variety of aspects of the internal infrastructure for TheLibrarian.io. This could include process control, lateral movement, and credential theft. CVE-2026-0614, CVE-2026-0615, and CVE-2026-0616 are largely responsible for this potential impact. VU#383552.1 to VU#383552.4 allow for exploitation and potential misuse of the capabilities of The Librarian, and could result in jailbreaks or unintended actions by the AI.
Solution
The vendor has stopped the web-fetch tool from being able to retrieve dangerous content. Web-retrieval is now handled by a third-party service. The vendor also stated that: “prompt content is not a secrecy boundary in our threat model” in regard to system prompt disclosure.
Acknowledgements
Thanks to the reporter, Aaron Portnoy of Mindgard.ai. This document was written by Christopher Cullen.

Overview
A vulnerability, tracked as CVE-2025-14894, has been discovered within Livewire Filemanager, a tool designed for usage within Laravel applications. The Livewire Filemanager tool allows for users to upload various files, including PHP files, and host them within the Laravel application. When a user uploads a PHP file to the application, it can be accessed and executed by visiting the web-accessible file hosting directory. This enables an attacker to create a malicious PHP file, upload it to the application, then force the application to execute it, enabling unauthenticated arbitrary code execution on the host device.
Description
Livewire Filemanager is a tool designed to be embedded into Laravel applications, allowing for files to be uploaded, stored and managed. Laravel is a PHP framework, intended for web application development. A vulnerability has been discovered within the Livewire Filemanager that enables remote code execution (RCE) by uploading a malicious PHP file. This vulnerability is tracked as CVE-2025-14894, and its description is below:

Livewire Filemanager, commonly used in Laravel applications, contains LivewireFilemanagerComponent.php, which does not perform file type and MIME validation, allowing for RCE through upload of a malicious php file that can then be executed via the /storage/ URL if a commonly performed setup process within Laravel applications has been completed.

As a note, Livewire Filemanager defines validation of file types to be out of scope, and recommends users perform their own file type validation. However, the ability to remotely execute files uploaded through the web application is what actually enables executing the malware.
During default usage of Livewire Filemanager, files can be accessed via the publicly accessible “storage/app/public” URL. This occurs if the php artisan storage:link command has previously been executed, enabling web serving. If a malicious PHP file is uploaded to the file manager, it can then be accessed and executed from that URL when passed a user ID alongside the request, enabling remote code execution on the target device.
Impact
The vulnerability enables unauthenticated remote code execution as the web server user, enabling full read and write of files accessible to that user, as well as the capability to further pivot and compromise connecting devices, making CVE-2025-14894 a high impact vulnerability.
Solution
At the time of writing, the vendor has not acknowledged the vulnerability. CERT/CC recommends using increased caution with Laravel Filemanager, and to check if the php artisan storage:link command has previously been executed, and if so, consider removing the web serving capability of the tool.
Acknowledgements
Thanks to the reporter HackingByDoing. This document was written by Christopher Cullen.

Overview
Redmi Buds, a series of Bluetooth earbuds produced and sold by Xiaomi, contain an Information Leak vulnerability and a Denial of Service (DoS) vulnerability in versions 3 Pro through 6 Pro. An attacker within Bluetooth radio range can send specially crafted RFCOMM protocol interactions to the device’s internal channels without prior pairing or authentication, enabling the exposure of sensitive call-related data or triggering repeatable firmware crashes.
Description
The two vulnerabilities originate from the firmware’s improper management of RFCOMM control and signaling mechanisms. The product specifications for Redmi Buds advertise support for the Bluetooth Classic profiles HFP, A2DP, and AVRCP, but direct experimentation has also confirmed the presence of additional, undocumented L2CAP/ RFCOMM channels active on the devices. These channels were likely implemented to facilitate auxiliary services or legacy audio support; vendor-specific internal interfaces are not required to be publicized in consumer product pages.
CVE-2025-13834 This vulnerability is the result of flawed bounds checking during the internal handling of abnormal RFCOMM TEST commands. When the device’s control channel (DLCI 0) receives a TEST command with a large length field but an empty payload, its faulty response handler returns a buffer of uninitialized memory. An attacker can exploit this behavior to steal up to 127 bytes of potentially sensitive data, such as the phone number of a user’s active call peer, with a single packet. Notably, the mechanism of this vulnerability is closely related to the infamous Heartbleed bug (CVE-2014-0160). Like Heartbleed, this flaw originates from blind trust in a packet’s length field without adequate bounds checking, resulting in an out-of-bounds read and unintended memory disclosure.
CVE-2025-13328 This vulnerability is caused by the firmware’s susceptibility to flooding attacks over RFCOMM channels. When an attacker floods the standard control channel (DLCI 0) with a high volume of legitimate TEST commands, the device’s processing queue is overwhelmed, leading to resource exhaustion and a firmware crash that forcibly terminates paired user connections. Other active data channels across the device’s RFCOMM implementation are also vulnerable to flooding via MSC (Modem Status Command) signaling frames, including both the standard HFP (Hands-Free Profile) channel and an undocumented Airoha auxiliary service channel.
Impact
Both vulnerabilities can be exploited by an unpaired, unauthenticated attacker within Bluetooth radio range without prior user interaction. The only prerequisite for exploitation is obtaining the MAC address of the target device, which can be discovered through basic Bluetooth sniffing tools. During testing with standard dongles and no additional signal amplification, exploitation was achieved at an approximate distance of twenty meters; however, physical barriers and Bluetooth version differences can be expected to influence the effective range.
The uninitialized memory dumped by CVE-2025-13834 threatens the confidentiality of Redmi Buds users during or after private calls, as demonstrated by a PoC used to obtain the phone number of a user’s active call peer. Any other metadata that utilizes this memory pool is vulnerable to exposure, and the attack can be triggered repeatedly without alerting the user. This vulnerability demonstrates the susceptibility of IoT protocol stacks to the class of “missing bounds check” or “buffer over-read” flaws famously exemplified by Heartbleed in web servers. It represents a critical oversight in memory management within the Redmi Buds Bluetooth firmware.
The DoS vulnerability, CVE-2025-13328, can be exploited to the detriment of device availability for legitimate users, inducing repeatable firmware crashes that forcibly disconnect all paired devices. To restore functionality, the earbuds must be physically reset by returning them to the charging case.
Solution
Xiaomi could not be reached for statements regarding remediation plans or mitigation guidance. To reduce exposure, users are advised to disable Bluetooth when the earbuds are not in use, particularly in public or shared environments.
Acknowledgements
Thanks to Choongin Lee, Jiwoong Ryu, and Heejo Lee for discovering, researching, and reporting these vulnerabilities. This document was written by Molly Jaconski.