Security researchers have disclosed a security issue that could have allowed attackers to weaponize the VirusTotal platform as a conduit to achieve remote code execution (RCE) on unpatched third-party sandboxing machines employed by antivirus engines. VirusTotal, part of Google’s Chronicle security subsidiary, is a malware-scanning service that analyzes suspicious files and URLs and checks for viruses using more than 70 third-party antivirus products. The flaw, now patched, made it possible to “execute commands remotely within VirusTotal platform and gain access to its various scans capabilities,” Cysource researchers Shai Alfasi and Marlon Fabiano da Silva said in a report exclusively shared with The Hacker News. The attack method involved uploading a DjVu file via the platform’s web user interface; when the file was passed to multiple third-party malware scanning engines, it could trigger an exploit for a high-severity remote code execution flaw in ExifTool, an open-source utility used to read and edit EXIF metadata in image and PDF files.