VYPR
Advisory · Published May 19, 2026 · 1 source

Cisco Talos Discloses Multiple Vulnerabilities in TP-Link, Adobe, OpenVPN, and Norton VPN

Cisco Talos disclosed eight vulnerabilities in TP-Link Archer AX53 routers and one each in Adobe Photoshop, OpenVPN, and Norton VPN, with most patches available.

Cisco Talos' Vulnerability Discovery & Research team has disclosed a batch of vulnerabilities affecting products from TP-Link, Adobe, OpenVPN, and Gen Digital's Norton VPN. The disclosures include eight flaws in the TP-Link Archer AX53 router, a privilege escalation bug in Adobe Photoshop, a denial-of-service vulnerability in OpenVPN, and a privilege escalation issue in Norton VPN. Most vendors have released patches; the exception is the Norton VPN vulnerability, which was discovered in use before a patch was available.

The TP-Link Archer AX53, a dual-band gigabit Wi-Fi router, is affected by eight vulnerabilities discovered by researcher Lilith >_>. These include a stack-based buffer overflow (CVE-2026-30814) in the tmpServer opcode 0x436 that can lead to arbitrary code execution via specially crafted network packets. Additionally, multiple OS command injection flaws (CVE-2026-30815, CVE-2026-30818, and three others without CVEs) exist in the OpenVPN and dnsmasq configuration restore functionalities, allowing attackers to execute arbitrary commands by uploading malicious configuration files. Two external config control vulnerabilities (CVE-2026-30816, CVE-2026-30817) enable arbitrary file reading through crafted configuration values.

In Adobe Photoshop, researcher KPC identified a privilege escalation vulnerability (CVE-2026-34632) in the installation process via the Microsoft Store. The vulnerable installer, Photoshop_Set-Up.exe version 2.11.0.30, allows a low-privilege user to replace files during installation, potentially leading to elevation of privileges. Adobe has patched this issue.

OpenVPN, the open-source SSL VPN solution, is affected by a reachable assertion vulnerability (CVE-2026-35058) in the TLS Crypt v2 Client Key Extraction functionality of versions 2.6.x and 2.8_git. Discovered by Emma Reuter of Cisco ASIG, this flaw can be triggered by a specially crafted network packet, causing a denial of service. OpenVPN has released a patch.

Finally, researcher KPC discovered a privilege escalation vulnerability (CVE-2025-58074) in the installation process of Norton VPN via the Microsoft Store. A low-privilege user can replace files during installation, leading to deletion of arbitrary files and possible privilege escalation. Notably, this vulnerability was discovered in use before a patch was available, meaning it may have been exploited in the wild. Gen Digital has not yet released a patch.

Cisco Talos has provided Snort rules to detect exploitation of these vulnerabilities. Users are advised to apply patches from the respective vendors and update their security solutions. The disclosures highlight the ongoing risk in widely used consumer and enterprise software and the need for prompt patching and vulnerability management.

Synthesized by Vypr AI