{“lastseen”:”2025-12-18T00:05:11″,”description”:”\\n\\nCisco Talos’ Vulnerability Discovery \\u0026 Research team recently disclosed vulnerabilities in Biosig Project Libbiosig, Grassroot DiCoM, and Smallstep step-ca.\\n\\nThe vulnerabilities mentioned in this blog post have been patched by their respective vendors, all in adherence to _Cisco ‘s third-party vulnerability disclosure policy_, except for Grassroot, as the DiCoM vulnerabilities are zero-days. \\n\\nFor Snort coverage that can detect the exploitation of these vulnerabilities, download the latest rule sets from _Snort.org_, and our latest Vulnerability Advisories are always posted on _Talos Intelligence ‘s website_.\\n\\n## **Libbiosig vulnerability**\\n\\n _Discovered by Mark Bereza of Cisco Talos._\\n\\nBioSig is an open source software library for biomedical signal processing. The BioSig Project seeks to encourage research in biomedical signal processing by providing open source software tools.\\n\\n_TALOS-2025-2296_ (CVE-2025-66043-CVE-2025-66048) includes several stack-based buffer overflow vulnerabilities in the MFER parsing functionality of the Biosig Project libbiosig 3.9.1. An attacker can supply a specially crafted MFER file to trigger these vulnerabilities, possibly leading to arbitrary code execution.\\n\\n## **Grassroot DiCoM vulnerabilities**\\n\\n _Discovered by Emmanuel Tacheau of Cisco Talos._\\n\\nGrassroots DiCoM is a C++ library for DICOM medical files, accessible from Python, C#, Java, and PHP. It supports RAW, JPEG, JPEG 2000, JPEG-LS, RLE and deflated transfer syntax. Talos found three out-of-bounds read vulnerabilities in DiCoM. An attacker can provide a malicious file to trigger these vulnerabilities.\\n\\n * _TALOS-2025-2210_(CVE-2025-53618-CVE-2025-53619) can lead to an information leak.\\n * _TALOS-2025-2211_ (CVE-2025-52582) can lead to an information leak.\\n * _TALOS-2025-2214_ (CVE-2025-48429) can lead to leaking heap data.\\n\\n\\n\\n## **Smallstep step-ca vulnerabilities**\\n\\n _Discovered by Stephen Kubik of the Cisco Advanced Security Initiatives Group (ASIG)._\\n\\nSmallstep step-ca is a TLS-secured online Certificate Authority (CA) for X.509 and SSH certificate management. _TALOS-2025-2242_ (CVE-2025-44005) is an authentication bypass vulnerability in step-ca. An attacker can bypass authorization checks and force a Step-CA ACME or SCEP provisioner to create certificates without completing certain protocol authorization checks.”,”published”:”2025-12-17T21:02:40″,”modified”:”2025-12-17T21:02:40″,”type”:”talosblog”,”title”:”Libbiosig, Grassroot DiCoM, Smallstep step-ca vulnerabilities”,”source”:””,”references”:””,”id”:”TALOSBLOG:FEFE6487342DB72D8EF8D3F45618004B”,”bulletinFamily”:”blog”,”cwe”:null,”cvelist”:[“CVE-2025-44005″,”CVE-2025-48429″,”CVE-2025-52582″,”CVE-2025-53618″,”CVE-2025-53619″,”CVE-2025-66043″,”CVE-2025-66048″],”sourceData”:””,”sourceHref”:””,”cvss”:{“score”:10,”severity”:”CRITICAL”,”vector”:”CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:C\/C:H\/I:H\/A:N”,”version”:”3.1″},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:”https:\/\/blog.talosintelligence.com\/libbiosig-grassroot-dicom-smallstep-step-ca-vulnerabilities\/”,”category_name”:”News”,”post_link”:””,”product”:””,”version”:””,”vendor”:””,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"
{“lastseen”:”2025-12-18T00:05:11″,”description”:”\\n\\nCisco Talos’ Vulnerability Discovery \\u0026 Research team recently disclosed vulnerabilities in Biosig Project Libbiosig, Grassroot DiCoM, and Smallstep step-ca.\\n\\nThe vulnerabilities…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[9,6,8,36,12,13,7,69,11,5],"class_list":["post-31725","post","type-post","status-publish","format-standard","hentry","category-category_news","tag-critical","tag-cve","tag-cvss","tag-cvss-100","tag-exploit","tag-news","tag-security","tag-talosblog","tag-tapic","tag-vulnerability"],"yoast_head":"\n