Vulnerability Spotlight: Multiple vulnerabilities in Pixar OpenUSD affects some versions of macOS


Aleksandar Nikolic of Cisco Talos discovered these vulnerabilities. Blog by Aleksandar Nikolic and Jon Munshaw.

Pixar OpenUSD contains multiple vulnerabilities that attackers could exploit to carry out a variety of malicious actions. 

OpenUSD stands for “Open Universal Scene Descriptor.” Pixar uses this software for several types of animation tasks, including swapping arbitrary 3-D scenes that are composed of many different elements. Aimed at professional animation studios, the software is designed for scalability and speed as a pipeline connecting various aspects of the digital animation process. It is mostly expected to process trusted inputs in most use cases. This stands at odds with security considerations. 

Read more…