A medium severity bug reported on Saturday impacts Ghidra, a free, open-source software reverse-engineering tool released by the National Security Agency earlier this year. The vulnerability allows a remote attacker to compromise exposed systems, according to a NIST National Vulnerability Database description. Researchers are downplaying the impact of the bug, saying conditions needed to exploit the flaw are rare. No fix is currently available, but researchers say it’s already an area to expect bugs and vulnerabilities in the software.
Source: https://threatpost.com/bug-in-nsas-ghidra/148787/