Security Affairs

JANUARY 18, 2024

Unified Extensible Firmware Interface (UEFI) is a specification that defines the architecture of the platform firmware used for booting the computer hardware and its interface for interaction with the operating system. ” states CERT/CC. . ” states CERT/CC. . ” states CERT/CC.

Firmware 131

Firmware DNS Advertising Architecture 131

Security Affairs

APRIL 28, 2023

A vulnerability impacting Zyxel firewalls, tracked as CVE-2023-28771, can be exploited to execute arbitary code on vulnerable devices. Researchers from TRAPA Security have discovered a critical remote code execution vulnerability, tracked as CVE-2023-28771 (CVSS score 9.8), impacting Zyxel Firewall. through 5.35. through 5.35.

Firewall 98

Firewall Firmware VPN Authentication 98

Security Affairs

OCTOBER 4, 2023

Google Threat Analysis Group and Google Project Zero first reported that the CVE-2023-33106, CVE-2023-33107, CVE-2022-22071 and CVE-2023-33063 are actively exploited in targeted attacks. The details of the remaining CVEs will be shared in our December 2023 public bulletin.”

Firmware 126

Firmware Surveillance Authentication Manufacturing 126

Security Affairs

JUNE 13, 2023

Fortinet addressed a new critical flaw, tracked as CVE-2023-27997, in FortiOS and FortiProxy that is likely exploited in a limited number of attacks. Fortinet has finally published an official advisory about the critical vulnerability, tracked as CVE-2023-27997 (CVSS score: 9.2), impacting FortiOS and FortiProxy.

Firewall 98

Firewall VPN Firmware Manufacturing 98

Security Affairs

JANUARY 15, 2024

The researchers discovered a vulnerability, tracked as CVE-2023-49722 (CVSS score: 8.3), that can be exploited by an attacker on the same network to replace the device firmware with a rogue version. The vulnerability was reported to the vendor in August 2023 and was addressed by the vendor in November 2023.

Firmware 134

Firmware IoT Hacking Information Security 134

Security Affairs

JANUARY 15, 2024

SonicWall next-generation firewall (NGFW) series 6 and 7 devices are affected by two unauthenticated denial-of-service vulnerabilities, tracked as CVE-2022-22274 and CVE-2023-0656 , that could potentially lead to remote code execution. ” concludes the report.

Firewall 143

Firewall Hacking Firmware Internet 143

Security Affairs

FEBRUARY 7, 2024

The most severe of these vulnerabilities, tracked as CVE-2023-40547 (CVSS score: 9.8), can lead to remote code execution under specific circumstances. The vulnerability CVE-2023-40547 is an RCE in http boot support that can lead to Secure Boot bypass “A remote code execution vulnerability was found in Shim. .”

Firmware 139

Firmware Hacking Information Security 139

Security Affairs

DECEMBER 17, 2023

The researchers discovered the botnet in October 2023, but they believe it has been active since at least 2022. The experts reported the two vulnerabilities to the respective vendors, but they plan to release the fixes in December 2023. and earlier. The vulnerability affects VioStor NVR Versions 5.0.0 and earlier (5.0.0

Firmware 139

Firmware Wireless DDOS IoT 139

Security Affairs

SEPTEMBER 6, 2023

The three vulnerabilities were reported by the Taiwanese CERT, below are their descriptions: CVE-2023-39238 (CVSS 9.8): ASUS RT-AX55, RT-AX56U_V2 and RT-AC86U iperf-related modules set_iperf3_svr.cgi API has a format string vulnerability. This function does not properly verify the input format string.

Firmware 145

Firmware Hacking Internet Internet 145

Security Affairs

JUNE 19, 2023

ASUS addressed critical vulnerabilities in multiple router models, urging customers to immediately install firmware updates. ASUS is warning customers to update some router models to the latest firmware to address critical vulnerabilities. “Update your router to the latest firmware.

Firmware 98

Firmware VPN Wireless Passwords 98

Security Affairs

JUNE 4, 2023

Zyxel has published guidance for protecting firewall and VPN devices from ongoing attacks exploiting CVE-2023-28771 , CVE-2023-33009 , and CVE-2023-33010 vulnerabilities. Threat actors are actively attempting to exploit the command injection vulnerability CVE-2023-28771 impacting Zyxel firewalls. Patch 1 ZLD V5.36

Firmware 98

Firmware VPN Firewall Hacking 98

Security Affairs

AUGUST 26, 2024

However SonicWall recommends youinstall the latest firmware. In March 2023, Mandiant researchers reported that alleged China-linked threat actors, tracked as UNC4540, deployed custom malware on a SonicWall SMA appliance. .” Below are the impacted versions: Impacted Platforms Impacted Versions SOHO (Gen 5) 5.9.2.14-12o

Firewall 126

Firewall Firmware Malware Internet 126

Security Affairs

APRIL 5, 2023

HP would take up to 90 days to address a critical flaw, tracked as CVE-2023-1707, that resides in the firmware of some business-grade printers. HP is aware of a critical vulnerability, tracked as CVE-2023-1707 (CVSS v3.1 The vendor has released temporary firmware mitigation for customers currently running FutureSmart 5.6

Firmware 98

Firmware Education Media Hacking 98

Security Affairs

MAY 31, 2023

Researchers from firmware security firm Eclypsium have discovered a suspected backdoor-like behavior within Gigabyte systems. The experts discovered that the firmware in Gigabyte systems drops and executes a Windows native executable during the system startup process. The executable resides in a UEFI firmware volume.

Firmware 98

Firmware Risk Software Passwords 98

Security Affairs

JANUARY 14, 2024

Forescout experts questioned the attribution of cyber attacks that targeted the energy sector in Denmark in 2023 to the Russia-linked Sandworm. Forescout experts shared findings from their analysis of the cyber attacks that targeted the energy sector in Denmark in 2023, attributing them to the Russia-linked Sandworm. through 5.35.

Firewall 136

Firewall Firmware Cyber Attacks VPN 136

Security Affairs

JUNE 1, 2023

Threat actors are actively exploiting a command injection flaw, tracked as CVE-2023-28771, in Zyxel firewalls to install malware. Threat actors are actively attempting to exploit a command injection vulnerability, tracked as CVE-2023-28771 , that impacts Zyxel firewalls. through 4.73, VPN series firmware versions 4.60

Firewall 98

Firewall Firmware VPN DDOS 98

SecureWorld News

JUNE 13, 2023

Critical Start today released its biannual Cyber Intelligence Report, featuring the top threats observed in the first half of 2023 and emerging cybersecurity trends impacting the healthcare, financial services, and state and local government industries. After a brief hiatus, Emotet threat actors resumed their operations in early March 2023.

Cyber threats 71

Cyber threats Malware Phishing Penetration Testing 71

Security Affairs

AUGUST 11, 2023

The vulnerability impacts devices running firmware versions 7.3.15.0 Zyxel addressed the vulnerability in 2017 with the release of new firmware, however, the vendor warned that a Gafgyt variant was exploiting the flaw in 2019. Additionally, the P660HN-T1A running the latest generic firmware, version 3.40(BYF.11), 0)b31 or older.

Firmware 98

Firmware Hacking Cybercrime Information Security 98

Security Affairs

JULY 22, 2023

Researchers warn of several DDoS botnets exploiting a critical flaw tracked as CVE-2023-28771 in Zyxel devices. The flaw, tracked as CVE-2023-28771 (CVSS score: 9.8), is a command injection issue that could potentially allow an unauthorized attacker to execute arbitrary code on vulnerable devices. through 5.35.

DDOS 98

DDOS Firmware VPN Firewall 98

Security Affairs

OCTOBER 1, 2023

ALPHV/BlackCat ransomware gang hacked the hotel chain Motel One FBI warns of dual ransomware attacks Progress Software fixed two critical severity flaws in WS_FTP Server Child abuse site taken down, organized child exploitation crime suspected – exclusive A still unpatched zero-day RCE impacts more than 3.5M

Artificial Intelligence 128

Artificial Intelligence Firmware Data breaches Hacking 128

Security Affairs

MAY 4, 2023

Cisco is warning of a critical remote code execution (RCE) vulnerability, tracked as CVE-2023-20126 (CVSS score of 9.8), impacting SPA112 2-Port phone adapters. “An attacker could exploit this vulnerability by upgrading an affected device to a crafted version of firmware. The company product has reached end-of-life (EoL).

Firmware 98

Firmware Education Media Authentication 98

Security Affairs

JANUARY 9, 2023

Tens of software vulnerabilities affected Qualcomm firmware and impacted the devices of Microsoft, Lenovo, and Samsung. Qualcomm January 2023 security bulletin addressed 22 software vulnerabilities in its Snapdragon suite. Lenovo released updates to address the vulnerabilities impacting the ThinkPad X13s BIOS.

Firmware 98

Firmware Manufacturing Software Hacking 98

Security Affairs

MAY 11, 2023

An attacker could also use these vulnerabilities to access and control networked smart devices (security cameras, thermostats, smart locks), change router settings including credentials or DNS settings, or use a compromised network to launch attacks against other devices or networks.” for the RAX30 router family.

Hacking 98

Hacking Firmware Authentication DNS 98

Security Affairs

NOVEMBER 14, 2023

On April 25, 2023, Zyxel disclosed a critical vulnerability (CVSS score 9.8), tracked as CVE-2023-28771 , in a number of their firewalls. The vulnerability is an improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73, VPN series firmware versions 4.60 through 5.35. through 5.35.

Cyber Attacks 139

Cyber Attacks Firmware Firewall VPN 139

Security Affairs

JUNE 5, 2024

CVE-2024-29976 :This improper privilege management vulnerability in the command “show_allsessions” in Zyxel NAS326 and NAS542 devices could allow an authenticated attacker to obtain a logged-in administrator’s session information containing cookies on an affected device. The vulnerabilities affect NAS326 running firmware versions 5.21(AAZF.16)C0

Firmware 127

Firmware Authentication Manufacturing Hacking 127

Security Affairs

FEBRUARY 6, 2024

“The Ministry of Defence (MOD) of the Netherlands was impacted in 2023 by an intrusion into one of its networks. The malware survives reboots and firmware upgrades. Moreover, the infection survives firmware upgrades.” The effects were limited because of prior network segmentation” reads the report.

Malware 136

Malware Firmware VPN Backups 136

Security Affairs

AUGUST 14, 2023

The procedures allow administrators to provide device information such as server addresses, account information, and firmware updates. The server is used to provide configurations and firmware updates to the devices. In this scenario, an attacker can act as a rogue server and distribute malicious firmware.

Firmware 98

Firmware Authentication Passwords Hacking 98

Security Affairs

MAY 25, 2023

The first vulnerability, tracked as CVE-2023-32165 , is a D-View TftpReceiveFileHandler Directory Traversal Remote Code Execution flaw. “Please note that this is a device beta software, beta firmware, or hot-fix release which is still undergoing final testing before its official release. ” We are in the final!

Firmware 98

Firmware Authentication Software Hacking 98

Security Affairs

MARCH 29, 2023

Taiwanese vendor QNAP warns customers to update their network-attached storage (NAS) devices to address a high-severity Sudo privilege escalation vulnerability tracked as CVE-2023-22809. The vulnerability was discovered by security firm Synacktiv, it is a sudoers policy bypass in Sudo version 1.9.12p1 when using sudoedit.

Firmware 98

Firmware Hacking Internet Internet 98

Security Affairs

JULY 14, 2023

Cybersecurity and Infrastructure Security Agency (CISA) is warning of two vulnerabilities affecting Rockwell Automation ControlLogix EtherNet/IP (ENIP) communication module models that could be exploited to achieve remote code execution and trigger a denial-of-service condition. ” reads the advisory published by CISA.

Firmware 98

Firmware CISO Hacking Government 98

Security Affairs

AUGUST 13, 2023

The researchers presented their findings at the DEFCON security conference today. The nine vulnerabilities have received CVE between CVE-2023-3259 through CVE-2023-3267. Below is the list of flaws discovered by the researchers: CyberPower PowerPanel Enterprise: CVE-2023-3264: Use of Hard-coded Credentials (CVSS 6.7)

Hacking 98

Hacking Firmware Authentication Software 98

Security Affairs

JUNE 28, 2023

The experts focused on achieving code execution on a commercially available drone, supporting significant security features (i.e. the use of signed and encrypted firmware, Trusted Execution Environment (TEE), and Secure Boot), using non-invasive techniques. ” added the company.

Firmware 98

Firmware Encryption Hacking Information Security 98

Security Affairs

DECEMBER 17, 2023

CISA and ENISA enhance their Cooperation CISA adds Qlik bugs to exploited vulnerabilities catalog Report: 2.6 CISA and ENISA enhance their Cooperation CISA adds Qlik bugs to exploited vulnerabilities catalog Report: 2.6 CISA and ENISA enhance their Cooperation CISA adds Qlik bugs to exploited vulnerabilities catalog Report: 2.6

Data breaches 124

Data breaches Cybercrime Firewall Artificial Intelligence 124

Security Affairs

MARCH 2, 2023

Cisco addressed a critical vulnerability, tracked as CVE-2023-20078, impacting its IP Phone 6800, 7800, 7900, and 8800 Series products. Cisco released security updates to address a critical flaw impacting its IP Phone 6800, 7800, 7900, and 8800 Series products. The flaw, tracked as CVE-2023-20078 (rated 9.8

Firmware 98

Firmware Hacking Software Information Security 98

Security Affairs

SEPTEMBER 6, 2024

However SonicWall recommends youinstall the latest firmware. “SonicWall strongly advises that customers using GEN5 and GEN6 firewalls with SSLVPN users who have locally managed accounts immediately update their passwords to enhance security and prevent unauthorized access. 5035 and older versions.

Firewall 127

Firewall Passwords Internet Internet 127

Security Affairs

MAY 18, 2023

A brief description of each of the flaws is as follows – CVE-2023-20159 (CVSS score: 9.8): Small Business Series Switches Stack Buffer Overflow Vulnerability CVE-2023-20160 (CVSS score: 9.8): Small Business Series Switches Unauthenticated BSS Buffer Overflow Vulnerability CVE-2023-20161 (CVSS score: 9.8): Small Business Series Switches Unauthenticated (..)

Small Business 98

Small Business Firmware Hacking Cybersecurity 98

Security Affairs

JULY 10, 2023

A Proof-of-Concept (PoC) exploit for the CVE-2023-31998 vulnerability in the Ubiquiti EdgeRouter has been publicly released. The CVE-2023-31998 flaw (CVSS v3 5.9) 6 and earlier and AirCube firmware version 2.8.8 The flaw resides in the miniupnpd service and can be exploited by a LAN attacker. and earlier.

Firmware 75

Firmware Software Hacking Information Security 75