article thumbnail

ASUS fixed critical remote authentication bypass bug in several routers

Security Affairs

Taiwanese manufacturer giant ASUS addressed a critical remote authentication bypass vulnerability impacting several router models. ASUS addresses a critical remote authentication bypass vulnerability, tracked as CVE-2024-3080 (CVSS v3.1 score: 9.8), impacting seven router models. impacting multiple devices.

article thumbnail

Router Firmware Vulnerability Bypasses Authentication

Digital Guardian

A vulnerability found in some routers and modems could make the devices vulnerable to authentication bypass and in turn, allow attackers access to sensitive information.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Exploited Vulnerability Targets Arcadyan Firmware Routers

Heimadal Security

A new vulnerability in home routers that run Arcadyan firmware wreaks havoc in the world of cybersecurity, being actively taken advantage of by threat actors. This exploited vulnerability is now classified as CVE-2021-20090 and the danger is that hackers can use this to skip the authentication procedure.

Firmware 115
article thumbnail

MY TAKE: Why locking down ‘firmware’ has now become the next big cybersecurity challenge

The Last Watchdog

Locking down firmware. Starks Federal Communications Commission member Geoffrey Starks recently alluded to the possibility that China may have secretly coded the firmware in Huawei’s equipment to support cyber espionage and cyber infrastructure attacks. telecoms by Chinese tech giant Huawei.

Firmware 233
article thumbnail

Pwn2Own – When The Latest Firmware Isn’t

LRQA Nettitude Labs

All exploits must either bypass authentication mechanisms or require no authentication. Firmware Updates Pwn2Own requires exploits to work against the latest firmware versions at the time of the competition. This competition involves teams researching certain devices to find and exploit vulnerabilities.

article thumbnail

Unsigned Firmware running on peripherals could expose Windows, Linux systems to hack

Security Affairs

Peripheral devices with unsigned firmware can expose Windows and Linux machines to hack, warn experts from firmware security firm Eclypsium. An attacker could exploit the lack of checks to execute malicious firmware and perform malicious actions on both Windows and Linux systems, such as the installation of persistent backdoors.

Firmware 144
article thumbnail

Actively exploited bug bypasses authentication on millions of routers

Bleeping Computer

Threat actors actively exploit a critical authentication bypass vulnerability impacting home routers with Arcadyan firmware to take them over and deploy Mirai botnet malicious payloads. [.].