Remove 2022 Remove Firmware Remove Hacking
article thumbnail

Sophos backports fix for CVE-2022-3236 for EOL firewall firmware versions due to ongoing attacks

Security Affairs

Sophos backports the patch for CVE-2022-3236 for end-of-life (EOL) firewall firmware versions due to ongoing attacks exploiting the issue. In December 2022, Sophos released security patches to address seven vulnerabilities in Sophos Firewall version 19.5 , including some arbitrary code execution bugs. reads the advisory.

Firmware 137
article thumbnail

Three UEFI Firmware flaws found in tens of Lenovo Notebook models

Security Affairs

IT giant Lenovo released security fixes to address three vulnerabilities that impact the UEFI firmware shipped with over 70 product models. The three buffer overflow vulnerabilities in UEFI firmware, tracked as CVE-2022-1890, CVE-2022-1891, and CVE-2022-1892, were discovered by researchers from ESET.

Firmware 143
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Western Digital customers have to update their My Cloud devices to latest firmware version

Security Affairs

My Cloud OS firmware is reaching the end of support, Western Digital customers have to update their WD My Cloud devices to the latest version. “On April 15, 2022 , support for prior generations of My Cloud OS, including My Cloud OS 3, will end. SecurityAffairs – hacking, Western Digital). Pierluigi Paganini.

Firmware 139
article thumbnail

BlackLotus Malware Hijacks Windows Secure Boot Process

Schneier on Security

These sophisticated pieces of malware target the UEFI—short for Unified Extensible Firmware Interface —the low-level and complex chain of firmware responsible for booting up virtually every modern computer. As the mechanism that bridges a PC’s device firmware with its operating system, the UEFI is an OS in its own right.

Malware 266
article thumbnail

Some firmware bugs in HP business devices are yet to be fixed

Security Affairs

Six high-severity firmware bugs affecting several HP Enterprise devices are yet to be patched, some of them since July 2021. The Binarly security research team reported several HP Enterprise devices are affected by six high-severity firmware vulnerabilities that are yet to be patched, and some of them have been disclosed more than a year ago.

Firmware 113
article thumbnail

Over 178,000 SonicWall next-generation firewalls (NGFW) online exposed to hack

Security Affairs

SonicWall next-generation firewall (NGFW) series 6 and 7 devices are affected by two unauthenticated denial-of-service vulnerabilities, tracked as CVE-2022-22274 and CVE-2023-0656 , that could potentially lead to remote code execution. ” concludes the report.

Firewall 145
article thumbnail

HP addressed 16 UEFI firmware flaws impacting laptops, desktops, PoS systems

Security Affairs

Researchers disclosed 16 high-severity flaws in different implementations of Unified Extensible Firmware Interface (UEFI) firmware impacting multiple HP enterprise devices. High CVE-2022-23924 BRLY-2021-032 SMM heap buffer overflow (arbitrary code execution) 8.2 ” reads the analysis published by Binarly. .