Remove Firewall Remove Firmware Remove Information Security
article thumbnail

Sophos backports fix for CVE-2022-3236 for EOL firewall firmware versions due to ongoing attacks

Security Affairs

Sophos backports the patch for CVE-2022-3236 for end-of-life (EOL) firewall firmware versions due to ongoing attacks exploiting the issue. The security firm reported that this vulnerability is being used in attacks against a small set of specific organizations, primarily in South Asia. reads the advisory. “A MR5 (18.5.5), v19.0

Firmware 132
article thumbnail

SonicWall addressed an improper access control issue in its firewalls

Security Affairs

SonicWall addressed a critical flaw in its firewalls that could allow attackers to achieve unauthorized access to the devices. SonicWall has released security updates to address a critical vulnerability, tracked as CVE-2024-40766 (CVSS score: 9.3), in its firewalls. However SonicWall recommends youinstall the latest firmware.

Firewall 127
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Over 178,000 SonicWall next-generation firewalls (NGFW) online exposed to hack

Security Affairs

Researchers from Bishop Fox found over 178,000 SonicWall next-generation firewalls (NGFW) publicly exploitable. Researchers from Bishop Fox used BinaryEdge source data to find SonicWall firewalls with management interfaces exposed to the internet.

Firewall 144
article thumbnail

Zyxel fixed a critical RCE flaw in its firewall devices and urges customers to install the patches

Security Affairs

A vulnerability impacting Zyxel firewalls, tracked as CVE-2023-28771, can be exploited to execute arbitary code on vulnerable devices. Researchers from TRAPA Security have discovered a critical remote code execution vulnerability, tracked as CVE-2023-28771 (CVSS score 9.8), impacting Zyxel Firewall. through 5.35. through 5.35.

article thumbnail

Widespread exploitation by botnet operators of Zyxel firewall flaw

Security Affairs

Threat actors are actively exploiting a command injection flaw, tracked as CVE-2023-28771, in Zyxel firewalls to install malware. Threat actors are actively attempting to exploit a command injection vulnerability, tracked as CVE-2023-28771 , that impacts Zyxel firewalls. in its firewall devices. USG FLEX ZLD V4.60 VPN ZLD V4.60

article thumbnail

Expert found a secret backdoor in Zyxel firewall and VPN

Security Affairs

Zyxel addressed a critical flaw in its firmware, tracked as CVE-2020-29583 , related to the presence of a hardcoded undocumented secret account. The Taiwanese vendor Zyxel has addressed a critical vulnerability in its firmware related to the presence of a hardcoded undocumented secret account. “Firmware version 4.60

Firewall 145
article thumbnail

Zyxel warns customers of attacks on its enterprise firewall and VPN devices

Security Affairs

Networking equipment giant Zyxel warns customers of a series of attacks that have been targeting some of its enterprise firewall and VPN devices. Networking equipment vendor Zyxel warned its customers of a series of attacks that have been targeting some of its enterprise firewall and VPN server solutions. Pierluigi Paganini.

VPN 144