- 1457765088 bpthumb - Multiple Unpatched Vulnerabilities in Blender Identified

Technology has evolved in incredible ways that has helped people to create and visualize media like never before. Today, people can use tools such as Blender to visualize, , and animate 3D content, especially since it’s free and open-source . However, this also make it an attractive target for adversaries to audit and find vulnerabilities. Given the user base of , exploiting these vulnerabilities to compromise a user could have a significant impact as could use the foothold gained by attacking to further compromise an organization’s network.

Today, Talos is disclosing vulnerabilities that have been in Blender. These vulnerabilities could allow an attacker to execute arbitrary code on an affected host running Blender. A user who opens a specially crafted file in Blender that is designed to trigger one of these vulnerabilities could be exploited and compromised.

Talos has responsibly disclosed these vulnerabilities to Blender in an attempt to ensure they are addressed. However, Blender has declined to address them stating that “fixing these issues one by one is also a waste of time.” As a result, there currently is no software update that addresses these vulnerabilities. Additionally, Blender developers believe that “opening a file with Blender should be considered like opening a file with the Python interpreter, you have [to trust] the source it is coming from.”

- image1 - Multiple Unpatched Vulnerabilities in Blender Identified

Read More >>



Source link

LEAVE A REPLY

Please enter your comment!
Please enter your name here