Squirrel Engine Bug Could Let Attackers Hack Games and Cloud Services

Discussion in 'News Aggregator' started by Ravie Lakshmanan, 19 Oct 2021.

  1. Researchers have disclosed an out-of-bounds read vulnerability in the Squirrel programming language that can be abused by attackers to break out of the sandbox restrictions and execute arbitrary code within a SquirrelVM, thus giving a malicious actor complete access to the underlying machine. Tracked as CVE-2021-41556, the issue occurs when a game library referred to as Squirrel Engine is used[​IMG]

    Continue reading...
     

Share This Page

Loading...