Source |
CISCO Talos |
Identifier |
7335497 |
Publication date |
2022-10-07 10:11:53 (seen: 2022-10-07 16:06:13) |
Title |
Vulnerability Spotlight: Issue in Hancom Office 2020 could lead to code execution |
Text |
Marcin “Icewall” Noga of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw.

Cisco Talos recently discovered an exploitable memory corruption vulnerability in Hancom Office 2020. Hancom Office is a popular software collection among South Korean users that offers similar products to Microsoft Office, such as word processing and spreadsheet creation and management.

TALOS-2022-1574 (CVE-2022-33896) exists in the way the Hword word processing software processes XML files. An attacker could exploit this vulnerability by tricking the user into opening a specially crafted file, triggering a memory corruption error on the software and potentially leading to remote code execution on the targeted machine.

Cisco Talos worked with Hancom to ensure that this issue is resolved and an update is available for affected customers, all in adherence to Cisco's vulnerability disclosure policy.

Users are encouraged to update these affected products as soon as possible: Hancom Office 2020, version 11.0.0.5357. Talos tested and confirmed this version of Hancom Office could be exploited by this vulnerability.

The following Snort rules will detect exploitation attempts against this vulnerability: 60254 and 60255. Additional rules may be released in the future and current rules are subject to change, pending additional vulnerability information. For the most current rule information, please refer to your Firepower Management Center or Snort.org. |
Sent |
Yes |
Tags |
Vulnerability
Guideline
|