Authentication, Firmware and Hacking - Cyber Security Informer

Netgear urges users to upgrade two flaws impacting WiFi router models

Security Affairs

FEBRUARY 4, 2025

Netgear addressed two critical vulnerabilities, internally tracked as PSV-2023-0039 and PSV-2021-0117 , impacting multiple WiFi router models and urged customers to install the latest firmware. The two flaws are, respectively, a remote code execution issue and an authentication bypass vulnerability. ” reads the advisory.

Firmware

Firmware Authentication Hacking Information Security

MY TAKE: Why locking down ‘firmware’ has now become the next big cybersecurity challenge

The Last Watchdog

JUNE 10, 2019

Locking down firmware. Starks Federal Communications Commission member Geoffrey Starks recently alluded to the possibility that China may have secretly coded the firmware in Huawei’s equipment to support cyber espionage and cyber infrastructure attacks. telecoms by Chinese tech giant Huawei.

Firmware

Firmware Cybersecurity Technology Engineering

Unsigned Firmware running on peripherals could expose Windows, Linux systems to hack

Security Affairs

FEBRUARY 18, 2020

Peripheral devices with unsigned firmware can expose Windows and Linux machines to hack, warn experts from firmware security firm Eclypsium. An attacker could exploit the lack of checks to execute malicious firmware and perform malicious actions on both Windows and Linux systems, such as the installation of persistent backdoors.

Firmware

Firmware Hacking Authentication Advertising

SonicWall warns of an exploitable SonicOS vulnerability

Security Affairs

JANUARY 8, 2025

SonicWall warns customers to address an authentication bypass vulnerability in its firewall’s SonicOS that is “susceptible to actual exploitation.” The same firmware upgrade contains mitigations for additional, less-critical vulnerabilities.” ” “We have identified a high (CVE Score 8.2)

Firewall

Firewall Firmware VPN Authentication

PTZOptics cameras zero-days actively exploited in the wild

Security Affairs

NOVEMBER 2, 2024

Affected devices use VHD PTZ camera firmware < 6.3.40 is an inadequate authentication mechanisms that could allow an attacker to access sensitive information like usernames, MD5 password hashes, and configuration data. . “Organizations using VHD PTZ camera firmware < 6.3.40 CVE-2024-8957 (CVSS score of CVSS 7.2)

Firmware

Firmware Manufacturing IoT Healthcare

BootKitty Linux UEFI bootkit spotted exploiting LogoFAIL flaws

Security Affairs

DECEMBER 3, 2024

The ‘Bootkitty’ Linux UEFI bootkit exploits the LogoFAIL flaws (CVE-2023-40238) to target systems using vulnerable firmware. The bootkit hooks UEFI authentication functions to bypass the Secure Boot mechanism and patches GRUB boot loader functions to evade additional integrity verifications. ” concludes the report.

Firmware

Firmware Manufacturing Malware Authentication

MikroTik botnet relies on DNS misconfiguration to spread malware

Security Affairs

JANUARY 16, 2025

The researchers found that the botnet comprises MikroTik routers with various firmware versions, including recent ones. The botnet uses compromised MikroTik devices as SOCKS proxies, masking malicious traffic origins and enabling other actors to exploit them without authentication, amplifying its scale.

DNS

DNS Malware Firmware Authentication

ASUS fixed critical remote authentication bypass bug in several routers

Security Affairs

JUNE 16, 2024

Taiwanese manufacturer giant ASUS addressed a critical remote authentication bypass vulnerability impacting several router models. ASUS addresses a critical remote authentication bypass vulnerability, tracked as CVE-2024-3080 (CVSS v3.1 score: 9.8), impacting seven router models. impacting multiple devices.

Authentication

Authentication Firmware VPN Manufacturing

Chinese national charged for hacking thousands of Sophos firewalls

Security Affairs

DECEMBER 11, 2024

has charged a Chinese national for hacking thousands of Sophos firewall devices worldwide in 2020. has charged the Chinese national Guan Tianfeng (aka gbigmao and gxiaomao) for hacking thousands of Sophos firewall devices worldwide in 2020. Passwords associated with external authentication systems such as AD or LDAP are unaffected.

Firewall

Firewall Hacking Malware Passwords

Intel addresses High-Severity flaws in NUC Firmware and other tools

Security Affairs

AUGUST 18, 2019

Intel released security updates to address high-severity vulnerabilities in NUC firmware, the Processor Identification Utility, and the Computing Improvement Program. Intel Patch Tuesday for August 2019 addressed high-severity vulnerabilities in NUC firmware, Processor Identification Utility, and Computing Improvement Program.

Firmware

Firmware Authentication Advertising Hacking

Xerox VersaLink C7025 Multifunction printer flaws may expose Windows Active Directory credentials to attackers

Security Affairs

FEBRUARY 18, 2025

Xerox VersaLink C7025 Multifunction printer flaws could allow attackers to capture authentication credentials via pass-back attacks via LDAP and SMB/FTP services. ” Organizations using Xerox VersaLink C7025 Multifunction printers should update to the latest firmware. .” and earlier. ” concludes the report.

Firmware

Firmware Authentication Accountability Passwords

Unauthenticated Command Injection bug opens D-Link VPN routers to hack

Security Affairs

DECEMBER 8, 2020

Security researchers at Digital Defense discovered three vulnerabilities in D-Link VPN routers, including command injection flaws, and an authenticated crontab injection flaw. The third flaw is an Authenticated Crontab Injection that could allow an authenticated user to inject arbitrary CRON entries that will then be executed as root.

VPN

VPN Hacking Firmware Authentication

Planet WGS-804HPT Industrial Switch flaws could be chained to achieve remote code execution

Security Affairs

JANUARY 19, 2025

Claroty researchers disclosed three vulnerabilities in Planet WGS-804HPT industrial switches that could be chained to achieve pre-authentication remote code execution on vulnerable devices. ” The firmware analysis performed by the experts revealed vulnerabilities in the dispatcher.cgi interface of WGS-804HPT switches’ web service.

Firmware

Firmware IoT Wireless Surveillance

U.S. CISA adds SonicWall SonicOS and Palo Alto PAN-OS flaws to its Known Exploited Vulnerabilities catalog

Security Affairs

FEBRUARY 18, 2025

The two vulnerabilities are: CVE-2025-0108 Palo Alto PAN-OS Authentication Bypass Vulnerability CVE-2024-53704 SonicWall SonicOS SSLVPN Improper Authentication Vulnerability Researchers recently warned that threat actors exploit a recently disclosed vulnerability, CVE-2025-0108, in Palo Alto Networks PAN-OS firewalls.

Firewall

Firewall Firmware Authentication VPN

How to hack Wincor Cineo ATMs to bypass black-box attack protections and withdraw cash

Security Affairs

NOVEMBER 1, 2021

Researchers demonstrated how crooks could hack Diebold Nixdorf’s Wincor Cineo ATMs to bypass black-box attack protections and withdraw cash. An attacker with access to the dispenser controller’s USB port can install an outdated or modified firmware version to bypass the encryption and make cash withdrawals. score of 6.8.

Hacking

Hacking Firmware Encryption Manufacturing

IoT Unravelled Part 3: Security

Troy Hunt

NOVEMBER 25, 2020

I also looked at custom firmware and soldering and why, to my mind, that was a path I didn't need to go down at this time. Let's got through the options: Firmware Patching I'll start with the devices themselves and pose a question to you: can you remember the last time you patched the firmware in your light globes? Or vibrator.

IoT

IoT Firmware Risk Manufacturing

Zyxel firewalls targeted in recent ransomware attacks

Security Affairs

NOVEMBER 25, 2024

According to the advisory, the attack is only possible if the device is configured to use User-Based-PSK authentication and has a valid user with a username longer than 28 characters. ” The vendor addressed these vulnerabilities with the release of firmware version 5.39 ” reads the advisory published by the vendor.

Firewall

Firewall Ransomware VPN Firmware

Netgear fixes a critical RCE that could allow to takeover Flagship Nighthawk routers

Security Affairs

MARCH 8, 2020

Netgear has addressed a critical remote code execution vulnerability that could be exploited by an unauthenticated attacker to take over AC Router Nighthawk (R7800) hardware running firmware versions prior to 1.0.2.68. NETGEAR strongly recommends that you download the latest firmware as soon as possible.” Pierluigi Paganini.

Firmware

Firmware Wireless Advertising Authentication

SonicWall warns of a critical CVE-2025-23006 zero-day likely exploited in the wild

Security Affairs

JANUARY 24, 2025

The vulnerability is a Pre-authentication deserialization of untrusted data issue in the SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC) that has been likely exploited in attacks in the wild as a zero-day. ” reads the advisory. and copying them out to the attacker created text file /tmp/syslog.db.

Firmware

Firmware Malware Authentication Mobile

KindleDrip exploit – Hacking a Kindle device with a simple email

Security Affairs

JANUARY 22, 2021

The experts discovered that Amazon did not verify the authenticity of the email sender, this means that attackers can spoof an email address that is present in the list of approved addresses. Experts also published a video PoC of the KindleDRIP exploit chain on a new Kindle 10 running firmware version 5.13.2. Pierluigi Paganini.

Hacking

Hacking Authentication Firmware Phishing

PoC exploit for 2 flaws in Dahua cameras leaked online

Security Affairs

OCTOBER 7, 2021

A proof of concept exploit for two authentication bypass vulnerabilities in Dahua cameras is available online, users are recommended to immediately apply updates. “The identity authentication bypass vulnerability found in some Dahua products during the login process. SecurityAffairs – hacking, Dahua cameras).

Authentication

Authentication Firmware Hacking Engineering

Experts found 15 flaws in Netgear JGS516PE switch, including a critical RCE

Security Affairs

MARCH 14, 2021

Netgear has released security and firmware updates for its JGS516PE Ethernet switch to address 15 vulnerabilities, including a critica remote code execution issue. “The switch internal management web application in firmware versions prior to 2.6.0.43 ” reads the advisory published by NCC Group.”

Firmware

Firmware Authentication Hacking Software

Millions of Pixel devices can be hacked due to a pre-installed vulnerable app

Security Affairs

AUGUST 16, 2024

The “Showcase.apk” package, developed by Smith Micro, is part of the firmware image on millions of Android Pixel phones, potentially enhancing sales in Verizon stores. The app is preinstalled in Pixel firmware and included in Google’s OTA updates for Pixel devices. ” continues the report.

Hacking

Hacking Firmware Mobile Penetration Testing

Second-ever UEFI rootkit used in North Korea-themed attacks

Security Affairs

OCTOBER 5, 2020

A China-linked threat actor used UEFI malware based on code from Hacking Team in attacks aimed at organizations with an interest in North Korea. The experts were investigating several suspicious UEFI firmware images when discovered four components, some of which were borrowing the source code a Hacking Team spyware.

Firmware

Firmware Spyware Surveillance Hacking

USBAnywhere BMC flaws expose Supermicro servers to hack

Security Affairs

SEPTEMBER 3, 2019

Researchers at firmware security firm Eclypsium discovered multiple vulnerabilities referred as USBAnywhere that could be exploited to potentially allow an attacker to take over the baseboard management controller (BMC) for three different models of Supermicro server boards: the X9, X10, and X11. ” reads the post published by Eclypsium.

Hacking

Hacking Firmware Media Authentication

CVE-2019-0090 flaw affects Intel Chips released in the last 5 years

Security Affairs

MARCH 7, 2020

The CVE-2019-0090 vulnerability affects the firmware running on the ROM of the Intel’s Converged Security and Management Engine (CSME). Intel CSME is responsible for initial authentication of Intel-based systems by loading and verifying all other firmware for modern platforms.” x, SPS_E3_05.00.04.027.0. .

Firmware

Firmware Technology Advertising Authentication

U.S. CISA adds Microsoft Windows, Zyxel device flaws to its Known Exploited Vulnerabilities catalog

Security Affairs

FEBRUARY 12, 2025

CVE-2024-40891 is very similar to CVE-2024-40890 ( observed authentication attempts , observed command injection attempts ), with the main difference being that the former is telnet-based while the latter is HTTP-based. reads the advisory published by GreyNoise. 4)C0_20170615. reads the advisory. reads the advisory.

Authentication

Authentication Firmware Cybersecurity Hacking

Netgear addresses severe security flaws in 20 of its products

Security Affairs

SEPTEMBER 6, 2021

Netgear has released firmware updates to address high-severity vulnerabilities in more than a dozen of its smart switches used on businesses. The flaws affected multiple products including the following smart switches, below is the list of the impacted devices and related firmware fixes: GC108P fixed in firmware version 1.0.8.2

Firmware

Firmware Authentication Passwords Hacking

Experts share details of five flaws that can be chained to hack Netgear RAX30 Routers

Security Affairs

MAY 11, 2023

Industrial and IoT cybersecurity firm Claroty disclosed technical details of five vulnerabilities that be exploited to hack some Netgear router models. “Team82 disclosed five vulnerabilities in NETGEAR’s Nighthawk RAX30 routers as part of its research and participation in last December’s Pwn2Own Toronto hacking competition.”

Hacking

Hacking Firmware Authentication DNS

Dark Mirai botnet spreads targeting RCE on TP-Link routers

Security Affairs

DECEMBER 9, 2021

. “The PING function on the TP-Link TL-WR840N EU v5 router with firmware through TL-WR840N(EU)_V5_171211 is vulnerable to remote code execution via a crafted payload in an IP address input field.” TP-Link addressed the flaw on November 12, 2021 with the release of the firmware update TL-WR840N(EU)_V5_211109.

Firmware

Firmware Architecture Malware Hacking

CVE-2021-20090 actively exploited to target millions of IoT devices worldwide

Security Affairs

AUGUST 7, 2021

Threat actors are actively exploiting a critical authentication bypass issue (CVE-2021-20090 ) affecting home routers with Arcadyan firmware. Threat actors actively exploit a critical authentication bypass vulnerability, tracked as CVE-2021-20090 , impacting home routers with Arcadyan firmware to deploy a Mirai bot.

IoT

IoT Firmware Authentication Wireless

Hacking the Twinkly IoT Christmas lights

Security Affairs

DECEMBER 24, 2018

” Once the mobile app has discovered the IP address of the lights, it authenticates with them, receives an authentication token and retrieves information about the device. Experts found a flaw in the authentication process, it only authenticates the lights to the app and not visa- versa. . Pierluigi Paganini.

IoT

IoT Hacking DNS Authentication

An RCE in Annke video surveillance product allows hacking the device

Security Affairs

AUGUST 27, 2021

Researchers from Nozomi Networks discovered a critical vulnerability that can be exploited to hack a video surveillance product made by Annke. The vulnerability, tracked as CVE-2021-32941 can be exploited by an attacker to hack a video surveillance product made by Annke, a provider of home and business security solutions.

Surveillance

Surveillance Hacking Firmware Manufacturing

DRAGONBLOOD flaws allow hacking WPA3 protected WiFi passwords

Security Affairs

AUGUST 3, 2019

Dragonblood researchers found two new weaknesses in WPA3 protocol that could be exploited to hack WPA3 protected WiFi passwords. A group of researchers known as Dragonblood (Mathy Vanhoef and Eyal Ronen ) devised new methods to hack WPA3 protected WiFi passwords by exploiting two new vulnerabilities dubbed Dragonblood flaws.

Passwords

Passwords Hacking Wireless Authentication

CISA adds D-Link DIR router flaws to its Known Exploited Vulnerabilities catalog

Security Affairs

MAY 17, 2024

CVE-2021-40655 An informtion disclosure issue exists in D-LINK-DIR-605 B2 Firmware Version : 2.01MT. Pierluigi Paganini Follow me on Twitter: @securityaffairs and Facebook and Mastodon ( SecurityAffairs – hacking, CISA ) CISA orders federal agencies to fix these vulnerabilities by June 6, 2024.

Firmware

Firmware Passwords Authentication Hacking

Zyxel warns customers of attacks on its enterprise firewall and VPN devices

Security Affairs

JUNE 24, 2021

The threat actors are targeting the USG, ZyWALL, USG FLEX, ATP, and VPN series running on-premise ZLD firmware. Upon accessing the devices, attackers then bypass authentication and establish SSL VPN tunnels with unknown user accounts (i.e. SecurityAffairs – hacking, Zyxel). Follow me on Twitter: @securityaffairs and Facebook.

VPN

VPN Firewall Firmware Authentication

Multiple flaws in Netgear Nighthawk R6700v3 router are still unpatched

Security Affairs

DECEMBER 31, 2021

Researchers discovered multiple high-risk vulnerabilities affecting the latest firmware version for the Netgear Nighthawk R6700v3 router. Researchers from Tenable have discovered multiple vulnerabilities in the latest firmware version (version 1.0.4.120) of the popular Netgear Nighthawk R6700v3 WiFi router. ” states Tenable. .

Firmware

Firmware Encryption Passwords Authentication

Flaws in Medtronic MyCareLink can allow attackers to take over implanted cardiac devices

Security Affairs

DECEMBER 15, 2020

The CVE-2020-25183 is an improper authentication issue that could be exploited by an attacker to bypass the authentication between the MCL Smart Patient Reader and the Medtronic MyCareLink Smart mobile app. SecurityAffairs – hacking, Medtronic). ” states the advisory. ” states the advisory. . Pierluigi Paganini.

Firmware

Firmware Authentication Mobile IoT

Aquabot variant v3 targets Mitel SIP phones

Security Affairs

JANUARY 29, 2025

In mid-July 2024, Mitel addressed the vulnerability with the release of firmware updates. The vendor warned that the exploitation of the flaw could allow an authenticated attacker with administrative privilege to conduct a command injection attack due to insufficient parameter sanitization during the boot process. . HF1 (R6.4.0.136).

DDOS

DDOS Firmware Malware Firewall

CISA adds Android Pixel, Microsoft Windows, Progress Telerik Report Server bugs to its Known Exploited Vulnerabilities catalog

Security Affairs

JUNE 14, 2024

CVE-2024-4358 is an authentication bypass vulnerability that an unauthenticated attacker can exploit to gain access to Telerik Report Server restricted functionality. Pierluigi Paganini Follow me on Twitter: @securityaffairs and Facebook and Mastodon ( SecurityAffairs – hacking, Android Pixel)

Firmware

Firmware Authentication Hacking Cybersecurity

Researchers warn of QNAP NAS attacks in the wild

Security Affairs

AUGUST 31, 2020

Hackers target QNAP NAS devices running multiple firmware versions vulnerable to a remote code execution (RCE) flaw addressed by the vendor 3 years ago. QNAP addressed the vulnerability with the release of firmware version 4.3.3 SecurityAffairs – hacking, QNAP NAS). ” reads the report published by 360 Netlab. .

Firmware

Firmware Advertising Malware Internet

NETGEAR fixes a severe bug in its routers. Patch it asap!

Security Affairs

DECEMBER 30, 2022

The vendor only said that the flaw is a pre-authentication buffer overflow vulnerability and urged customers to address the firmware of their devices as soon as possible. “NETGEAR has released fixes for a pre-authentication buffer overflow security vulnerability” reads the advisory published by the company.

Firmware

Firmware Wireless Authentication Hacking

Chip maker giant AMD investigates a data breach

Security Affairs

JUNE 19, 2024

The allegedly stolen data includes information on future products, datasheets, employee and customer databases, property files, firmware, source code, and financial documentation. It’s unclear if the data is authentic and which it the source.

Data breaches

Data breaches Firmware Cybercrime Media

Experts found 9 NAS flaws that expose LenovoEMC, Iomega Devices to hack

Security Affairs

OCTOBER 3, 2018

A typical attack scenario to gain this information sees attackers to luring an authenticated NAS user by tricking it into visiting a specially crafted malicious website. Lenovo confirmed that firmware versions 4.1.402.34662 and earlier are vulnerable, users have to download firmware version 4.1.404.34716 (or later).

Hacking

Hacking Firmware Advertising Backups

Netgear urges users to upgrade two flaws impacting WiFi router models

MY TAKE: Why locking down ‘firmware’ has now become the next big cybersecurity challenge

Trending Sources

Unsigned Firmware running on peripherals could expose Windows, Linux systems to hack

SonicWall warns of an exploitable SonicOS vulnerability

PTZOptics cameras zero-days actively exploited in the wild

BootKitty Linux UEFI bootkit spotted exploiting LogoFAIL flaws

MikroTik botnet relies on DNS misconfiguration to spread malware

ASUS fixed critical remote authentication bypass bug in several routers

Chinese national charged for hacking thousands of Sophos firewalls

Intel addresses High-Severity flaws in NUC Firmware and other tools

Xerox VersaLink C7025 Multifunction printer flaws may expose Windows Active Directory credentials to attackers

Unauthenticated Command Injection bug opens D-Link VPN routers to hack

Planet WGS-804HPT Industrial Switch flaws could be chained to achieve remote code execution

U.S. CISA adds SonicWall SonicOS and Palo Alto PAN-OS flaws to its Known Exploited Vulnerabilities catalog

How to hack Wincor Cineo ATMs to bypass black-box attack protections and withdraw cash

IoT Unravelled Part 3: Security

Zyxel firewalls targeted in recent ransomware attacks

Netgear fixes a critical RCE that could allow to takeover Flagship Nighthawk routers

SonicWall warns of a critical CVE-2025-23006 zero-day likely exploited in the wild

KindleDrip exploit – Hacking a Kindle device with a simple email

PoC exploit for 2 flaws in Dahua cameras leaked online

Experts found 15 flaws in Netgear JGS516PE switch, including a critical RCE

Millions of Pixel devices can be hacked due to a pre-installed vulnerable app

Second-ever UEFI rootkit used in North Korea-themed attacks

USBAnywhere BMC flaws expose Supermicro servers to hack

CVE-2019-0090 flaw affects Intel Chips released in the last 5 years

U.S. CISA adds Microsoft Windows, Zyxel device flaws to its Known Exploited Vulnerabilities catalog

Netgear addresses severe security flaws in 20 of its products

Experts share details of five flaws that can be chained to hack Netgear RAX30 Routers

Dark Mirai botnet spreads targeting RCE on TP-Link routers

CVE-2021-20090 actively exploited to target millions of IoT devices worldwide

Hacking the Twinkly IoT Christmas lights

An RCE in Annke video surveillance product allows hacking the device

DRAGONBLOOD flaws allow hacking WPA3 protected WiFi passwords

CISA adds D-Link DIR router flaws to its Known Exploited Vulnerabilities catalog

Zyxel warns customers of attacks on its enterprise firewall and VPN devices

Multiple flaws in Netgear Nighthawk R6700v3 router are still unpatched

Flaws in Medtronic MyCareLink can allow attackers to take over implanted cardiac devices

Aquabot variant v3 targets Mitel SIP phones

CISA adds Android Pixel, Microsoft Windows, Progress Telerik Report Server bugs to its Known Exploited Vulnerabilities catalog

Researchers warn of QNAP NAS attacks in the wild

NETGEAR fixes a severe bug in its routers. Patch it asap!

Chip maker giant AMD investigates a data breach

Experts found 9 NAS flaws that expose LenovoEMC, Iomega Devices to hack

Stay Connected