Krebs on Security

JANUARY 11, 2021

Ubiquiti , a major vendor of cloud-enabled Internet of Things (IoT) devices such as routers, network video recorders, security cameras and access control systems, is urging customers to change their passwords and enable multi-factor authentication. In an email sent to customers today, Ubiquiti Inc.

Passwords 355

Passwords Authentication Firmware Accountability 355

Krebs on Security

FEBRUARY 26, 2020

. “We’ve now completed the investigation of all Zyxel products and found that firewall products running specific firmware versions are also vulnerable,” Zyxel wrote in an email to KrebsOnSecurity. “Hotfixes have been released immediately, and the standard firmware patches will be released in March.”

Firewall 283

Firewall Firmware VPN IoT 283

Schneier on Security

NOVEMBER 15, 2019

In particular, we discovered timing leakage on an Intel firmware-based TPM as well as a hardware TPM. We further highlight the impact of these vulnerabilities by demonstrating a remote attack against a StrongSwan IPsecVPN that uses a TPM to generate the digital signatures for authentication. Intel has a firmware update.

Firmware 229

Firmware Authentication Manufacturing 229

Troy Hunt

NOVEMBER 25, 2020

I also looked at custom firmware and soldering and why, to my mind, that was a path I didn't need to go down at this time. Let's got through the options: Firmware Patching I'll start with the devices themselves and pose a question to you: can you remember the last time you patched the firmware in your light globes? Or vibrator.

IoT 356

IoT Firmware Risk Manufacturing 356

Malwarebytes

MARCH 10, 2023

The malware was likely deployed in 2021, and was able to persist on the appliances tenaciously, even surviving firmware upgrades. It offers a combined single-sign-on (SSO) web portal to authenticate users, so intercepting user credentials would give an attacker that is after sensitive information a huge advantage.

Firmware 98

Firmware Malware Encryption Authentication 98

Security Affairs

MARCH 8, 2020

Netgear has addressed a critical remote code execution vulnerability that could be exploited by an unauthenticated attacker to take over AC Router Nighthawk (R7800) hardware running firmware versions prior to 1.0.2.68. NETGEAR strongly recommends that you download the latest firmware as soon as possible.”

Firmware 144

Firmware Wireless Advertising Authentication 144

Security Affairs

MARCH 14, 2021

Netgear has released security and firmware updates for its JGS516PE Ethernet switch to address 15 vulnerabilities, including a critica remote code execution issue. “The switch internal management web application in firmware versions prior to 2.6.0.43 ” reads the advisory published by NCC Group.”

Firmware 144

Firmware Authentication Hacking Software 144

Bleeping Computer

JUNE 15, 2024

ASUS has released a new firmware update that addresses a vulnerability impacting seven router models that allow remote attackers to log in to devices. [.]

Authentication 104

Authentication Firmware 104

Bleeping Computer

JUNE 11, 2023

Fortinet has released new Fortigate firmware updates that fix an undisclosed, critical pre-authentication remote code execution vulnerability in SSL VPN devices. [.]

VPN 145

VPN Firmware Authentication 145

Tech Republic Security

MARCH 22, 2021

The security key is built on open source hardware and firmware, making it a universal factor authentication device instead of a two-factor authentication device.

Firmware 137

Firmware Authentication Cybersecurity 137

The Hacker News

JUNE 26, 2024

Apple has released a firmware update for AirPods that could allow a malicious actor to gain access to the headphones in an unauthorized manner. Tracked as CVE-2024-27867, the authentication issue affects AirPods (2nd generation and later), AirPods Pro (all models), AirPods Max, Powerbeats Pro, and Beats Fit Pro.

Firmware 145

Firmware Authentication 145

Security Affairs

SEPTEMBER 6, 2021

Netgear has released firmware updates to address high-severity vulnerabilities in more than a dozen of its smart switches used on businesses. The flaws affected multiple products including the following smart switches, below is the list of the impacted devices and related firmware fixes: GC108P fixed in firmware version 1.0.8.2

Firmware 135

Firmware Authentication Passwords Hacking 135

The Hacker News

JUNE 30, 2021

The three HTTPd authentication security weaknesses (CVSS scores: 7.1 – 9.4) impact routers running firmware versions prior to v1.0.0.60, and have since

Firmware 145

Firmware Authentication Network Security Cybersecurity 145

Security Affairs

MARCH 7, 2020

The CVE-2019-0090 vulnerability affects the firmware running on the ROM of the Intel’s Converged Security and Management Engine (CSME). Intel CSME is responsible for initial authentication of Intel-based systems by loading and verifying all other firmware for modern platforms.” x, SPS_E3_05.00.04.027.0.

Firmware 145

Firmware Technology Advertising Authentication 145

Security Affairs

NOVEMBER 2, 2024

Affected devices use VHD PTZ camera firmware < 6.3.40 is an inadequate authentication mechanisms that could allow an attacker to access sensitive information like usernames, MD5 password hashes, and configuration data. . “Organizations using VHD PTZ camera firmware < 6.3.40 CVE-2024-8957 (CVSS score of CVSS 7.2)

Firmware 128

Firmware Manufacturing Healthcare IoT 128

Security Affairs

OCTOBER 7, 2021

A proof of concept exploit for two authentication bypass vulnerabilities in Dahua cameras is available online, users are recommended to immediately apply updates. “The identity authentication bypass vulnerability found in some Dahua products during the login process. Follow me on Twitter: @securityaffairs and Facebook.

Authentication 145

Authentication Firmware Hacking Engineering 145

SecureList

JUNE 11, 2024

Second, terminals can be connected to other scanners, such as electronic pass readers, or support other authentication methods using built-in hardware. External appearance of the device The device has several physical interfaces, supporting four authentication methods: biometric (facial recognition), password, electronic pass, and QR code.

Firmware 126

Firmware Authentication Passwords Risk 126

Security Affairs

AUGUST 7, 2021

Threat actors are actively exploiting a critical authentication bypass issue (CVE-2021-20090 ) affecting home routers with Arcadyan firmware. Threat actors actively exploit a critical authentication bypass vulnerability, tracked as CVE-2021-20090 , impacting home routers with Arcadyan firmware to deploy a Mirai bot.

IoT 145

IoT Firmware Authentication Wireless 145

Security Affairs

DECEMBER 15, 2020

The CVE-2020-25183 is an improper authentication issue that could be exploited by an attacker to bypass the authentication between the MCL Smart Patient Reader and the Medtronic MyCareLink Smart mobile app. The flaw could be exploited by an attacker to remotely execute code taking over the device. ” states the advisory.

Firmware 142

Firmware Authentication Mobile IoT 142

Krebs on Security

APRIL 26, 2019

But according to an in-depth analysis shared with KrebsOnSecurity by security researcher Paul Marrapese , iLnkP2P devices offer no authentication or encryption and can be easily enumerated, allowing potential attackers to establish a direct connection to these devices while bypassing any firewall restrictions.

IoT 275

IoT Firewall Manufacturing Computers and Electronics 275

Security Affairs

DECEMBER 3, 2024

The ‘Bootkitty’ Linux UEFI bootkit exploits the LogoFAIL flaws (CVE-2023-40238) to target systems using vulnerable firmware. The bootkit hooks UEFI authentication functions to bypass the Secure Boot mechanism and patches GRUB boot loader functions to evade additional integrity verifications.

Firmware 113

Firmware Manufacturing Malware Authentication 113

Security Affairs

MAY 17, 2024

CVE-2021-40655 An informtion disclosure issue exists in D-LINK-DIR-605 B2 Firmware Version : 2.01MT.

Firmware 135

Firmware Authentication Passwords Hacking 135

Security Boulevard

JANUARY 31, 2024

Explore the vulnerabilities in EV systems and potential risks, proposing mitigation strategies like firmware updates, user authentication, intrusion detection systems, and collaboration. The rise of electric vehicles (EVs) and charging infrastructure necessitates robust security measures, especially in the context of IoT integration.

IoT 119

IoT Firmware Authentication Risk 119

Security Affairs

DECEMBER 8, 2020

Security researchers at Digital Defense discovered three vulnerabilities in D-Link VPN routers, including command injection flaws, and an authenticated crontab injection flaw. The third flaw is an Authenticated Crontab Injection that could allow an authenticated user to inject arbitrary CRON entries that will then be executed as root.

VPN 138

VPN Hacking Firmware Authentication 138

Security Affairs

DECEMBER 30, 2022

The vendor only said that the flaw is a pre-authentication buffer overflow vulnerability and urged customers to address the firmware of their devices as soon as possible. “NETGEAR has released fixes for a pre-authentication buffer overflow security vulnerability” reads the advisory published by the company.

Firmware 98

Firmware Wireless Authentication Hacking 98

Troy Hunt

MARCH 12, 2020

This next bit, I really love: I made the following comments in my first every blog post about Ubiquiti: I had Billion devices before Linksys and I don't think I ever saw a firmware update over many years which worried me not just because I'm sure there was broken stuff in there, but because it was never evolving.

Wireless 344

Wireless Firmware Accountability Mobile 344

Security Affairs

DECEMBER 31, 2021

Researchers discovered multiple high-risk vulnerabilities affecting the latest firmware version for the Netgear Nighthawk R6700v3 router. Researchers from Tenable have discovered multiple vulnerabilities in the latest firmware version (version 1.0.4.120) of the popular Netgear Nighthawk R6700v3 WiFi router. ” states Tenable.

Firmware 145

Firmware Encryption Authentication Passwords 145

Security Affairs

JUNE 24, 2021

The threat actors are targeting the USG, ZyWALL, USG FLEX, ATP, and VPN series running on-premise ZLD firmware. Upon accessing the devices, attackers then bypass authentication and establish SSL VPN tunnels with unknown user accounts (i.e. The company states that devices running the Nebula cloud management mode are not impacted.

VPN 144

VPN Firewall Firmware Authentication 144

Security Affairs

JULY 15, 2021

x firmware in an imminent ransomware campaign using stolen credentials.” “The exploitation targets a known vulnerability that has been patched in newer versions of firmware.” The network equipment vendor is now urging customers to update the firmware of their devices as soon as possible. “If 34 or 9.0.0.10

Firmware 125

Firmware Ransomware Passwords Mobile 125

Security Affairs

AUGUST 31, 2020

Hackers target QNAP NAS devices running multiple firmware versions vulnerable to a remote code execution (RCE) flaw addressed by the vendor 3 years ago. QNAP addressed the vulnerability with the release of firmware version 4.3.3 The researchers discovered that the issue resides in the CGI program. /httpd/cgi-bin/authLogout.cgi.

Firmware 145

Firmware Advertising Malware Internet 145

Security Affairs

OCTOBER 5, 2020

The experts were investigating several suspicious UEFI firmware images when discovered four components, some of which were borrowing the source code a Hacking Team spyware. The firmware malware is based on code associated with HackingTeam’s VectorEDK bootkit, with minor changes. ” concludes the report.

Firmware 145

Firmware Spyware Surveillance Hacking 145

Malwarebytes

AUGUST 9, 2021

Router firmware. Under the description of CVE-2021-20090 you will find: “a path traversal vulnerability in the web interfaces of Buffalo WSR-2533DHPL2 firmware version <= 1.02 and WSR-2533DHP3 firmware version <= 1.24 could allow unauthenticated remote attackers to bypass authentication.”.

Firmware 142

Firmware DDOS Internet Internet 142

Security Affairs

JULY 17, 2021

Network equipment vendor D-Link has released a firmware hotfix to fix multiple vulnerabilities in the DIR-3040 AC3000-based wireless internet router. Network equipment vendor D-Link has released a firmware hotfix to address multiple vulnerabilities affecting the DIR-3040 AC3000-based wireless internet router. ” states the vendor.

Firmware 136

Firmware Wireless Passwords Internet 136

Security Affairs

JUNE 14, 2024

CVE-2024-4358 is an authentication bypass vulnerability that an unauthenticated attacker can exploit to gain access to Telerik Report Server restricted functionality. CVE-2024-26169 is an elevation of privilege issue in the Microsoft Windows Error Reporting Service that can be exploited to could gain SYSTEM privileges.

Firmware 136

Firmware Authentication Hacking Cybersecurity 136

Security Affairs

DECEMBER 9, 2021

. “The PING function on the TP-Link TL-WR840N EU v5 router with firmware through TL-WR840N(EU)_V5_171211 is vulnerable to remote code execution via a crafted payload in an IP address input field.” TP-Link addressed the flaw on November 12, 2021 with the release of the firmware update TL-WR840N(EU)_V5_211109.

Firmware 145

Firmware Architecture Malware Hacking 145

Daniel Miessler

MAY 14, 2020

Keep your firmware and software updated. Enable two-factor authentication on all critical accounts. For your most important accounts—such as those controlling your email account, your bank, and your mobile phone account—you should enable two-factor authentication. Everything. Setting up Google 2FA.

Risk 345

Risk Password Management Passwords Accountability 345

Security Affairs

NOVEMBER 1, 2021

An attacker with access to the dispenser controller’s USB port can install an outdated or modified firmware version to bypass the encryption and make cash withdrawals. The two vulnerabilities, tracked as CVE-2018-9099 and CVE-2018-9100 , resides in the firmware of the CMD-V5 dispenser and RM3/CRS dispenser respectively.

Hacking 141

Hacking Firmware Encryption Manufacturing 141