For the most current rule information, please refer to your Cisco Secure Firewall Management Center or. Additional rules may be released in the future and current rules are subject to change, pending additional vulnerability information. Multi-cam editing in DaVinci Resolve 12 lets editors quickly cut programs while playing back multiple sources in real time. The following SNORTⓇ rules will detect exploitation attempts against this vulnerability: 58716, 58717, 5870.
tested and confirmed these versions of DaVinci could be exploited by this vulnerability. Users are encouraged to update these affected products as soon as possible: Blackmagic Design DaVinci Resolve, version 17. Alternatively, TALOS-2021-1427 (CVE-2021-40418) could also lead to code execution, but is instead triggered as the result of an uninitialized object member as a result of an incorrect UUID.Ĭisco Talos worked with Blackmagic to ensure that these issues are resolved and an update is available for affected customers, all in adherence to Cisco’s vulnerability disclosure policy. TALOS-2021-1426 (CVE-2021-40417) is a heap-based buffer overflow vulnerability that occurs when the application faces an integer overflow condition that leads to a sign extension while trying to decode a video file. Both these vulnerabilities exist in the DPDecoder service inside DaVinci Resolve. Cisco Talos recently discovered two vulnerabilities in the DaVinci Resolve video editing software that could allow an adversary to execute code in the context of the application.ĭaVinci Resolve is a non-linear video editing application from Blackmagic Software that is available on multiple operating systems.
0 kommentar(er)
