2014, Authentication and Firmware - Cyber Security Informer

CISA adds D-Link DIR router flaws to its Known Exploited Vulnerabilities catalog

Security Affairs

MAY 17, 2024

Cybersecurity and Infrastructure Security Agency (CISA) added the following D-Link router vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog : CVE-2014-100005 Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DIR-600 router (rev.

Firmware

Firmware Authentication Passwords Hacking

Unsigned Firmware running on peripherals could expose Windows, Linux systems to hack

Security Affairs

FEBRUARY 18, 2020

Peripheral devices with unsigned firmware can expose Windows and Linux machines to hack, warn experts from firmware security firm Eclypsium. An attacker could exploit the lack of checks to execute malicious firmware and perform malicious actions on both Windows and Linux systems, such as the installation of persistent backdoors.

Firmware

Firmware Hacking Authentication Advertising

Intel addresses High-Severity flaws in NUC Firmware and other tools

Security Affairs

AUGUST 18, 2019

Intel released security updates to address high-severity vulnerabilities in NUC firmware, the Processor Identification Utility, and the Computing Improvement Program. Intel Patch Tuesday for August 2019 addressed high-severity vulnerabilities in NUC firmware, Processor Identification Utility, and Computing Improvement Program.

Firmware

Firmware Authentication Advertising Hacking

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Netgear fixes a critical RCE that could allow to takeover Flagship Nighthawk routers

Security Affairs

MARCH 8, 2020

Netgear has addressed a critical remote code execution vulnerability that could be exploited by an unauthenticated attacker to take over AC Router Nighthawk (R7800) hardware running firmware versions prior to 1.0.2.68. NETGEAR strongly recommends that you download the latest firmware as soon as possible.” Pierluigi Paganini.

Firmware

Firmware Wireless Advertising Authentication

CVE-2019-0090 flaw affects Intel Chips released in the last 5 years

Security Affairs

MARCH 7, 2020

The CVE-2019-0090 vulnerability affects the firmware running on the ROM of the Intel’s Converged Security and Management Engine (CSME). Intel CSME is responsible for initial authentication of Intel-based systems by loading and verifying all other firmware for modern platforms.” x, SPS_E3_05.00.04.027.0. .”

Firmware

Firmware Technology Advertising Authentication

SonicWall warns of ‘imminent ransomware’ attacks on its EOL products

Security Affairs

JULY 15, 2021

x firmware in an imminent ransomware campaign using stolen credentials.” “The exploitation targets a known vulnerability that has been patched in newer versions of firmware.” The network equipment vendor is now urging customers to update the firmware of their devices as soon as possible. “If 34 or 9.0.0.10

Firmware

Firmware Ransomware Passwords Mobile

Second-ever UEFI rootkit used in North Korea-themed attacks

Security Affairs

OCTOBER 5, 2020

The experts were investigating several suspicious UEFI firmware images when discovered four components, some of which were borrowing the source code a Hacking Team spyware. The firmware malware is based on code associated with HackingTeam’s VectorEDK bootkit, with minor changes. ” concludes the report. Pierluigi Paganini.

Firmware

Firmware Spyware Surveillance Hacking

Researchers warn of QNAP NAS attacks in the wild

Security Affairs

AUGUST 31, 2020

Hackers target QNAP NAS devices running multiple firmware versions vulnerable to a remote code execution (RCE) flaw addressed by the vendor 3 years ago. QNAP addressed the vulnerability with the release of firmware version 4.3.3 Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. on July 21, 2017.

Firmware

Firmware Advertising Malware Internet

Expert found a hardcoded SSH Key in Fortinet SIEM appliances

Security Affairs

JANUARY 20, 2020

An attacker with this key can successfully authenticate as this user to the FortiSIEM Supervisor.” While the user’s shell is limited to running the /opt/phoenix/ phscripts /bin/ tunnelshell script, SSH authentication still succeeds.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Authentication

Authentication Firmware Advertising Firewall

Expert found multiple critical issues in MoFi routers

Security Affairs

SEPTEMBER 8, 2020

“The authentication function contains undocumented code which provides the ability to authenticate as root without having to know the actual root password. An adversary with the private key can remotely authenticate to the management interface as root.” ” reads the advisory published by the expert.

Firmware

Firmware Wireless Authentication Advertising

D-Link addressed 5 flaws on some router models, some of them reached EoL

Security Affairs

JULY 25, 2020

The flaws include reflected Cross-Site Scripting (XSS), buffer overflows, bypassing authentication issues, and arbitrary code execution bugs. The vendor pointed out that DAP-1522 and DIR-816L models that have reached their “end of support” phase, this means that these devices running firmware versions v1.42 (and below) and v12.06.B09

Firmware

Firmware Advertising Authentication Hacking

Intel addresses high severity flaw in Processor Diagnostic Tool

Security Affairs

JULY 11, 2019

may allow an authenticated user to potentially enable escalation of privilege, information disclosure or denial of service via local access.” The second vulnerability addressed by Intel affects SSD DC S4500/S4600 series firmware, it could be exploited by an attacker with physical access for privilege escalation.

Firmware

Firmware Advertising Authentication Hacking

Researchers found allegedly intentional backdoors in FTTH devices from Chinese vendor C-Data

Security Affairs

JULY 10, 2020

The backdoor accounts in the firmware of 29 FTTH Optical Line Termination (OLT) devices from popular vendor C-Data. The security duo, composed of Pierre Kim and Alexandre Torres, disclosed seven vulnerabilities in the firmware of FTTH OLT devices manufactured by C-Data. ” reads the analysis published by the experts.

Firmware

Firmware Accountability Advertising Manufacturing

Cisco ASA is affacted by a privilege escalation flaw. Patch it now!

Security Affairs

DECEMBER 23, 2018

The flaw was discovered by experts at Tenable that explained that an authenticated remote unprivileged user can change or download the running configuration or replace the appliance firmware where they shouldn’t. In particular, the aaa authentication http console {LOCAL | <aaa-server>} command must be present,” Cisco concludes.

Firmware

Firmware Authentication Software Advertising

QSnatch malware infected over 62,000 QNAP NAS Devices

Security Affairs

JULY 28, 2020

CGI password logger This installs a fake version of the device admin login page, logging successful authentications and passing them to the legitimate login page. The first campaign likely began in early 2014 and continued until mid-2017, while the second started in late 2018 and was still active in late 2019.

Malware

Malware Firmware Advertising Manufacturing

Both Mirai and Hoaxcalls IoT botnets target Symantec Web Gateways

Security Affairs

MAY 19, 2020

Palo Alto Networks Unit 42 researchers observed both the Mirai and Hoaxcalls botnets using an exploit for a post-authentication Remote Code Execution vulnerability in legacy Symantec Web Gateways 5.0.2.8. Experts note that the exploit is only effective for authenticated sessions and the affected devices are End of Life (EOL) from 2012.

IoT

IoT DDOS Authentication Advertising

335,923 out of 489,337 Fortinet firewalls vulnerable to CVE-2023-27997

Security Affairs

JULY 3, 2023

For this reason, if the customer has SSL-VPN enabled, Fortinet is advising customers to take immediate action to upgrade to the most recent firmware release. The researcher describes the issue as a reachable pre-authentication that impacts every SSL VPN appliance. states the report published by Fortinet. ” continues the report.

Firewall

Firewall VPN Firmware Internet

SonicWall warns users of “imminent ransomware campaign”

Malwarebytes

JULY 15, 2021

The exploitation targets a known vulnerability that has been patched in newer versions of SonicWall firmware. x versions of the firmware. x firmware. x firmware versions. SSL-VPN 200/2000/400 (EOL 2013/2014) disconnect immediately and reset passwords. SMA 210/410/500v (Actively Supported) update firmware to 9.0.0.10-28sv

Ransomware

Ransomware Firmware VPN Firewall

Yubico is replacing for free YubiKey FIPS devices due to security weakness

Security Affairs

JUNE 14, 2019

of the firmware. The weakness impacts PIV smart card applications, Universal 2nd Factor (U2F) authentication, OATH one-time passwords, and OpenPGP. “An issue exists in the YubiKey FIPS Series devices with firmware version 4.4.2 there is no released firmware version 4.4.3) that was certified at the end of April.

Firmware

Firmware Advertising Authentication Passwords

AT&T Alien Labs finds new Golang malware (BotenaGo) targeting millions of routers and IoT devices with more than 30 exploits

CyberSecurity Insiders

NOVEMBER 11, 2021

Ax with firmware 1.04b12 and earlier. NETGEAR DGN2200 devices with firmware through 10.0.0.50. Multiple ZyXEL network-attached storage (NAS) devices running firmware version 5.2, Affected products include: NAS326 before firmware V5.21(AAZF.7)C0 7)C0 NAS520 before firmware V5.21(AASZ.3)C0 CVE-2014-2321.

Malware

Malware IoT Firmware Authentication

Fortinet removed hardcoded SSH keys and database backdoors from FortiSIEM

Security Affairs

JANUARY 27, 2020

An attacker with this key can successfully authenticate as this user to the FortiSIEM Supervisor.” While the user’s shell is limited to running the /opt/phoenix/phscripts/bin/tunnelshell script, SSH authentication still succeeds.”. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. reads the advisory.

Advertising

Advertising Firmware Authentication Passwords

USBAnywhere BMC flaws expose Supermicro servers to hack

Security Affairs

SEPTEMBER 3, 2019

Researchers at firmware security firm Eclypsium discovered multiple vulnerabilities referred as USBAnywhere that could be exploited to potentially allow an attacker to take over the baseboard management controller (BMC) for three different models of Supermicro server boards: the X9, X10, and X11. ” reads the post published by Eclypsium.

Hacking

Hacking Firmware Media Authentication

Infecting Canon EOS DSLR camera with ransomware over the air

Security Affairs

AUGUST 12, 2019

Searching online the expert first found an encrypted firmware, he found on a forum a Portable ROM Dumper , (a custom firmware update file that once loaded, dumps the memory of the camera into the SD Card) that allowed him to dump the camera’s firmware and load it into his disassembler (IDA Pro). Pierluigi Paganini.

Firmware

Firmware Ransomware Wireless Encryption

D-Link router models affected by remote code execution issue that will not be fixed

Security Affairs

OCTOBER 7, 2019

According to the Fortinet, the vulnerability impacts D-Link firmware in the DIR-655, DIR-866L, DIR-652, and DHP-1565 router families. We rated this as a critical issue since the vulnerability can be triggered remotely without authentication.” “The vulnerability begins with a bad authentication check.

Authentication

Authentication Advertising Firmware Hacking

Hacker leaks passwords for 900+ Pulse Secure VPN enterprise servers

Security Affairs

AUGUST 5, 2020

ZDNet has obtained a copy of the list with the help of threat intelligence firm KELA and verified confirmed the authenticity of the data. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. ” reported ZDNet.

VPN

VPN Passwords Banking Advertising

Maze ransomware operators claim to have breached LG Electronics

Security Affairs

JUNE 25, 2020

In 2014 its global sales reached $55.91 “One of the screenshots seems to consist of LG Electronics official firmware or software update releases that assist their hardware products to work more efficiently.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. ” continues Cyble.

Computers and Electronics

Computers and Electronics Ransomware Mobile Telecommunications

Critical unfixed flaws affect ABB Safety PLC Gateways

Security Affairs

DECEMBER 18, 2018

Security experts at Applied Risk are affected by potentially serious flaws and the bad news is that the vendor will not release firmware updates because the impacted products have reached the end of life. ABB also published separate advisories for the missing authentication and XSS vulnerabilities.

Firmware

Firmware Advertising Manufacturing Authentication

GhostDNS malware already infected over 100K+ devices and targets 70+ different types of home routers

Security Affairs

OCTOBER 1, 2018

“Just like the regular dnschanger , this campaign attempts to guess the password on the router’s web authentication page or bypass the authentication through the dnscfg. Js DNSChanger is written in JavaScript and includes 10 attack scripts designed to infect 6 routers or firmware packages. Pierluigi Paganini.

DNS

DNS Malware Firmware Phishing

Thrangrycat flaw could allow compromising millions of Cisco devices

Security Affairs

MAY 14, 2019

. “ A vulnerability in the logic that handles access control to one of the hardware components in Cisco’s proprietary Secure Boot implementation could allow an authenticated, local attacker to write a modified firmware image to the component.” Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Firmware

Firmware Authentication Software Advertising

A daily average of 80,000 printers exposed online via IPP

Security Affairs

JUNE 23, 2020

Unlike other printer management protocols, the IPP protocol supports multiple security features, including authentication and encryption, but evidently organizations don’t use them. This info includes printer names, locations, models, firmware versions, organization names, and even WiFi network names. Pierluigi Paganini.

Internet

Internet Internet Firmware Advertising

Intel investigates security breach after the leak of 20GB of internal documents

Security Affairs

AUGUST 7, 2020

Several media outlets independently analyzed the data leak and verified the authenticity of the data. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. ” reported ZDNet. Pierluigi Paganini.

Firmware

Firmware Advertising Engineering Hacking

TP-Link Archer routers allow remote takeover without passwords

Security Affairs

DECEMBER 17, 2019

TP-Link addressed a critical zero-day vulnerability ( CVE-2017-7405 ) in its TP-Link Archer routers that could be exploited by attackers to remotely take their control over LAN via a Telnet connection without authentication. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Archer MR200v4: [link].

Passwords

Passwords Advertising Firmware Authentication

Experts found 9 NAS flaws that expose LenovoEMC, Iomega Devices to hack

Security Affairs

OCTOBER 3, 2018

A typical attack scenario to gain this information sees attackers to luring an authenticated NAS user by tricking it into visiting a specially crafted malicious website. Lenovo confirmed that firmware versions 4.1.402.34662 and earlier are vulnerable, users have to download firmware version 4.1.404.34716 (or later).

Hacking

Hacking Firmware Advertising Backups

Tenable experts found 15 flaws in wireless presentation systems

Security Affairs

MAY 2, 2019

The issues, including a hardcoded session ID, allow unauthenticated, remote attacker to stop, start, and disconnect any screen sharing session due to insufficient authentication checking in the moderator controls. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Wireless

Wireless Firmware Advertising Authentication

Thousands of Xiaomi FURRYTAIL pet feeders exposed to hack

Security Affairs

OCTOBER 30, 2019

A Russian security researcher accidentally discovered API and firmware issues that allowed her to take over all Xiaomi FurryTail pet feeders. The Russian security researcher Anna Prosvetova, from Saint Petersburg, has accidentally discovered API and firmware issues that allowed her to take over all Xiaomi FurryTail pet feeders.

Hacking

Hacking Firmware Advertising DDOS

Expert released PoC exploit code for unpatched backdoor in HiSilicon chips

Security Affairs

FEBRUARY 5, 2020

More recent firmware versions had Telnet access and debug port (9527/ tcp ) disabled by default, but they had open port 9530/ tcp that could be exploited by attackers to send a special command to start telnet daemon and enable shell access with a static password ([ 1 ], [ 2 ], [ 3 ]). This is a subject of actual disclosure.”

Firmware

Firmware Encryption Advertising Passwords

Cisco addresses critical issues in IP Phones and UCS Director

Security Affairs

APRIL 17, 2020

The issue affects the following Cisco products if they have web access enabled and are running a firmware release earlier than the first fixed release for that device: IP Phone 7811, 7821, 7841, and 7861 Desktop Phones IP Phone 8811, 8841, 8845, 8851, 8861, and 8865 Desktop Phones Unified IP Conference Phone 8831 Wireless IP Phone 8821 and 8821-EX.

Big data

Big data Wireless Advertising Firmware

DRAGONBLOOD flaws allow hacking WPA3 protected WiFi passwords

Security Affairs

AUGUST 3, 2019

The WPA Wireless security standard was designed to authenticate wireless devices using the Advanced Encryption Standard (AES) protocol and to establish secure connections that hackers cannot spy on. More worrisome, we found that the Wi-Fi firmware of Cypress chips only executes 8 iterations at minimum to prevent side-channel leaks.

Passwords

Passwords Hacking Wireless Authentication

Zyxel addresses Zero-Day vulnerability in NAS devices

Security Affairs

FEBRUARY 25, 2020

. “Multiple ZyXEL network-attached storage (NAS) devices contain a pre-authentication command injection vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable device.” “ZyXEL NAS devices achieve authentication by using the weblogin.cgi CGI executable. and earlier.

Authentication

Authentication Advertising Firmware Internet

TP-Link fixes 2 Remote Code Execution flaws in TL-R600VPN SOHO Router and other issues

Security Affairs

NOVEMBER 20, 2018

The lack of proper input sanitization can be exploited without authentication to trigger DoS conditions and leak server information. Talos experts explained that parsing errors require an authenticated session for exploitation, a circumstance that can lead to remote code execution under the context of HTTPD. “If Pierluigi Paganini.

Authentication

Authentication Advertising Firmware Hacking

Hacking the Twinkly IoT Christmas lights

Security Affairs

DECEMBER 24, 2018

” Once the mobile app has discovered the IP address of the lights, it authenticates with them, receives an authentication token and retrieves information about the device. Experts found a flaw in the authentication process, it only authenticates the lights to the app and not visa- versa. . Pierluigi Paganini.

IoT

IoT Hacking DNS Authentication

ZoomEye IoT search engine cached login passwords for tens of thousands of Dahua DVRs

Security Affairs

JULY 16, 2018

Anubhav explained that the passwords are related to Dahua DVRs running very old firmware that is known to be affected by a five-year-old vulnerability tracked as CVE-2013-6117. Even if the vulnerability has been patched, many Dahua devices are still running ancient firmware. Pierluigi Paganini.

IoT

IoT Engineering Passwords Firmware

CISA warns of critical flaws in Prima FlexAir access control system

Security Affairs

JULY 31, 2019

The list of flaws includes OS Command Injection, Unrestricted Upload of File with Dangerous Type, Cross-site Request Forgery, Small Space of Random Values, Cross-site Scripting, Exposure of Backup file to Unauthorized Control Sphere, Improper Authentication, and Use of Hard-coded Credentials. “Prima Systems FlexAir, Versions 2.3.38

Backups

Backups Authentication Advertising Firmware

Experts discloses dangerous flaws in robotic Dongguan Diqee 360 smart vacuums

Security Affairs

JULY 20, 2018

The first bug can only be exploited by an authenticated attacker, but Positive Technologies says all Diqee 360 devices come with a default password of 888888 for the admin account, which very few users change, and which attackers can incorporate into their exploit chain. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Firmware

Firmware Surveillance Authentication Technology

CISA adds D-Link DIR router flaws to its Known Exploited Vulnerabilities catalog

Unsigned Firmware running on peripherals could expose Windows, Linux systems to hack

Webinars

Trending Sources

Intel addresses High-Severity flaws in NUC Firmware and other tools

Webinars

Netgear fixes a critical RCE that could allow to takeover Flagship Nighthawk routers

CVE-2019-0090 flaw affects Intel Chips released in the last 5 years

SonicWall warns of ‘imminent ransomware’ attacks on its EOL products

Second-ever UEFI rootkit used in North Korea-themed attacks

Researchers warn of QNAP NAS attacks in the wild

Expert found a hardcoded SSH Key in Fortinet SIEM appliances

Expert found multiple critical issues in MoFi routers

D-Link addressed 5 flaws on some router models, some of them reached EoL

Intel addresses high severity flaw in Processor Diagnostic Tool

Researchers found allegedly intentional backdoors in FTTH devices from Chinese vendor C-Data

Cisco ASA is affacted by a privilege escalation flaw. Patch it now!

QSnatch malware infected over 62,000 QNAP NAS Devices

Both Mirai and Hoaxcalls IoT botnets target Symantec Web Gateways

335,923 out of 489,337 Fortinet firewalls vulnerable to CVE-2023-27997

SonicWall warns users of “imminent ransomware campaign”

Yubico is replacing for free YubiKey FIPS devices due to security weakness

AT&T Alien Labs finds new Golang malware (BotenaGo) targeting millions of routers and IoT devices with more than 30 exploits

Fortinet removed hardcoded SSH keys and database backdoors from FortiSIEM

USBAnywhere BMC flaws expose Supermicro servers to hack

Infecting Canon EOS DSLR camera with ransomware over the air

D-Link router models affected by remote code execution issue that will not be fixed

Hacker leaks passwords for 900+ Pulse Secure VPN enterprise servers

Maze ransomware operators claim to have breached LG Electronics

Critical unfixed flaws affect ABB Safety PLC Gateways

GhostDNS malware already infected over 100K+ devices and targets 70+ different types of home routers

Thrangrycat flaw could allow compromising millions of Cisco devices

A daily average of 80,000 printers exposed online via IPP

Intel investigates security breach after the leak of 20GB of internal documents

TP-Link Archer routers allow remote takeover without passwords

Experts found 9 NAS flaws that expose LenovoEMC, Iomega Devices to hack

Tenable experts found 15 flaws in wireless presentation systems

Thousands of Xiaomi FURRYTAIL pet feeders exposed to hack

Expert released PoC exploit code for unpatched backdoor in HiSilicon chips

Cisco addresses critical issues in IP Phones and UCS Director

DRAGONBLOOD flaws allow hacking WPA3 protected WiFi passwords

Zyxel addresses Zero-Day vulnerability in NAS devices

TP-Link fixes 2 Remote Code Execution flaws in TL-R600VPN SOHO Router and other issues

Hacking the Twinkly IoT Christmas lights

ZoomEye IoT search engine cached login passwords for tens of thousands of Dahua DVRs

CISA warns of critical flaws in Prima FlexAir access control system

Experts discloses dangerous flaws in robotic Dongguan Diqee 360 smart vacuums

Stay Connected