Security Affairs

DECEMBER 8, 2021

The Mirai -based Moobot botnet is rapidly spreading by exploiting a critical command injection flaw, tracked as CVE-2021-36260 , in the webserver of several Hikvision products. The Moobot was first documented by Palo Alto Unit 42 researchers in February 2021, the recent attacks demonstrated that its authors are enhancing their malware.

Firmware 121

Firmware DDOS Malware IoT 121

Security Affairs

FEBRUARY 20, 2021

Security provider SonicWall released a new firmware update for an SMA-100 zero-day vulnerability that was exploited in attacks. SonicWall has released a second firmware update for the SMA-100 zero-day vulnerability that was exploited in attacks in the wild. ” reads the security advisory. reads the advisory.

Firmware 64

Firmware Mobile Hacking Information Security 64

Security Affairs

SEPTEMBER 22, 2021

CVE-2021-40847 flaw in Netgear SOHO routers could be exploited by a remote attacker to execute arbitrary code as root. Security experts from consulting firm GRIMM have discovered a vulnerability in Small Offices/Home Offices (SOHO) Netgear routers that could be exploited by a remote attacker to execute arbitrary code as root.

DNS 128

DNS Firmware VPN Risk 128

Security Affairs

AUGUST 27, 2021

Researchers from Nozomi Networks discovered a critical vulnerability that can be exploited to hack a video surveillance product made by Annke. The vulnerability, tracked as CVE-2021-32941 can be exploited by an attacker to hack a video surveillance product made by Annke, a provider of home and business security solutions.

Surveillance 99

Surveillance Hacking Firmware Manufacturing 99

Security Affairs

JANUARY 14, 2024

Apple addressed a recently disclosed Bluetooth keyboard injection vulnerability with the release of Magic Keyboard firmware. Apple released Magic Keyboard Firmware Update 2.0.6 Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Bluetooth)

Firmware 116

Firmware Hacking Information Security 116

Security Affairs

SEPTEMBER 24, 2021

SonicWall fixed a critical security flaw, tracked as CVE-2021-20034, that impacts some Secure Mobile Access (SMA) 100 series products that can allow device takeover. SonicWall has addressed a critical security vulnerability, tracked as CVE-2021-20034 , that impacting several Secure Mobile Access (SMA) 100 series products.

Firmware 85

Firmware Mobile Hacking Information Security 85

Security Affairs

OCTOBER 30, 2021

MITRE and CISA announced the release of the “2021 Common Weakness Enumeration (CWE) Most Important Hardware Weaknesses” list. MITRE and the DHS’s Cybersecurity and Infrastructure Security Agency (CISA) have announced the release of the “2021 Common Weakness Enumeration (CWE) Most Important Hardware Weaknesses” list.

Firmware 141

Firmware Manufacturing Education Engineering 141

Security Affairs

DECEMBER 9, 2021

Dark Mirai botnet spreads by exploiting a new vulnerability, tracked as CVE-2021-41653, affecting TP-Link TL-WR840N EU V5 home routers. “The PING function on the TP-Link TL-WR840N EU v5 router with firmware through TL-WR840N(EU)_V5_171211 is vulnerable to remote code execution via a crafted payload in an IP address input field.”

Firmware 142

Firmware Architecture Malware Hacking 142

Security Affairs

MAY 19, 2021

Security researchers identified five vulnerabilities in the infotainment system in Mercedes-Benz cars, four of them are remotely exploitable. Experts reported the vulnerabilities to Daimler in November 2020 and the carmaker released security patches starting from late January 2021. SecurityAffairs – hacking, Mercedes).

Hacking 94

Hacking Firmware Engineering Software 94

Security Affairs

OCTOBER 26, 2021

“Unknown cyber criminals using Ranzy Locker ransomware had compromised more than 30 US businesses as of July 2021. The victims include the construction subsector of the critical manufacturing sector, the academia subsector of the government facilities sector, the information technology sector, and the transportation sector.”

Ransomware 128

Ransomware Firmware Antivirus Accountability 128

Security Affairs

DECEMBER 31, 2021

Researchers discovered multiple high-risk vulnerabilities affecting the latest firmware version for the Netgear Nighthawk R6700v3 router. Researchers from Tenable have discovered multiple vulnerabilities in the latest firmware version (version 1.0.4.120) of the popular Netgear Nighthawk R6700v3 WiFi router. Vendor supplies information.

Firmware 123

Firmware Encryption Authentication Passwords 123

Security Affairs

AUGUST 20, 2021

During the first half of 2021, 637 vulnerabilities affecting industrial control system (ICS) products were published, affecting products from 76 vendors. The company reported that during the first half of 2021, 637 vulnerabilities affecting industrial control system (ICS) products were published, affecting products from 76 vendors.

Firmware 105

Firmware Ransomware Manufacturing Software 105

Security Affairs

AUGUST 17, 2021

Researchers at FireEye’s Mandiant have discovered a critical vulnerability, tracked as CVE-2021-28372, in a core component of the Kalay cloud platform which is used by millions of IoT devices from many vendors. This varies from device to device but typically is used for device telemetry, firmware updates, and device control.”

IoT 114

IoT Hacking Social Engineering Firmware 114

Security Affairs

JULY 17, 2021

Network equipment vendor D-Link has released a firmware hotfix to fix multiple vulnerabilities in the DIR-3040 AC3000-based wireless internet router. Network equipment vendor D-Link has released a firmware hotfix to address multiple vulnerabilities affecting the DIR-3040 AC3000-based wireless internet router. score of 7,5.

Firmware 118

Firmware Wireless Passwords Internet 118

Security Affairs

MARCH 14, 2021

Netgear has released security and firmware updates for its JGS516PE Ethernet switch to address 15 vulnerabilities, including a critica remote code execution issue. “The switch internal management web application in firmware versions prior to 2.6.0.43 02 Dec 2020 – Netgear released the new firmware v2.6.0.48

Firmware 134

Firmware Authentication Hacking Software 134

Security Affairs

SEPTEMBER 6, 2021

Netgear has released security updates to address high-severity vulnerabilities affecting several of its smart switches used by businesses. Netgear has released firmware updates to address high-severity vulnerabilities in more than a dozen of its smart switches used on businesses. GC108PP fixed in firmware version 1.0.8.2

Firmware 104

Firmware Authentication Passwords Hacking 104

Security Affairs

NOVEMBER 25, 2022

The researchers discovered the issue by analyzing firmware images used devices from the above manufacturers. The experts analyzed one of the core frameworks EDKII used as a part of any UEFI firmware which has its own submodule and wrapper over the OpenSSL library ( OpensslLib ) in the CryptoPkg component. that dates back to 2009. .

Firmware 100

Firmware Manufacturing Hacking Software 100

Security Affairs

SEPTEMBER 14, 2021

A high severity vulnerability, tracked as CVE-2021-3437 , in HP OMEN laptop and desktop gaming computers exposes millions of systems to DoS and privilege escalation attacks. “Potential security vulnerabilities have been identified in an OMEN Gaming Hub SDK package which may allow escalation of privilege and/or denial of service. .”

Software 116

Software Firmware Hacking Information Security 116

Security Affairs

MAY 2, 2021

A security duo has demonstrated how to hack a Tesla Model X’s and open the doors using a DJI Mavic 2 drone equipped with a WIFI dongle. A new version of ConnMan (v1.39) has been released in February 2021. The researchers Kunnamon, Inc.’s We did not want to weaponize this exploit into a worm, however.”.

Hacking 116

Hacking Firmware Manufacturing Software 116

Security Affairs

JANUARY 1, 2021

Zyxel addressed a critical flaw in its firmware, tracked as CVE-2020-29583 , related to the presence of a hardcoded undocumented secret account. The Taiwanese vendor Zyxel has addressed a critical vulnerability in its firmware related to the presence of a hardcoded undocumented secret account. “Firmware version 4.60

Firewall 140

Firewall VPN Firmware Passwords 140

Security Affairs

SEPTEMBER 18, 2021

The flaws were discovered by Google security engineer Gynvael Coldwind, Netgear addressed then early this month. NETGEAR urge its customers using the following products to download the latest firmware: GC108P fixed in firmware version 1.0.8.2 GC108PP fixed in firmware version 1.0.8.2 SecurityAffairs – hacking, Netgear).

Firmware 88

Firmware Engineering Passwords Hacking 88

Security Affairs

OCTOBER 15, 2021

RDP accesses); Exploitation of vulnerabilities affecting control systems running vulnerable firmware versions. The three new incidents included in the advisory are: In August 2021, malicious cyber actors used Ghost variant ransomware against a California-based WWS facility. SecurityAffairs – hacking, Water and Wastewater systems).

Ransomware 92

Ransomware Cyber threats Firmware Backups 92

Security Affairs

JULY 18, 2021

“Through the course of collaboration with trusted third parties, SonicWall has been made aware of threat actors actively targeting Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products running unpatched and end-of-life (EOL) 8.x x firmware in an imminent ransomware campaign using stolen credentials.”

Ransomware 115

Ransomware Firmware Mobile InfoSec 115

Security Affairs

OCTOBER 7, 2021

Experts warn of the availability of proof of concept (PoC) exploit code for a couple of authentication bypass vulnerabilities in Dahua cameras, tracked as CVE-2021-33044 and CVE-2021-33045. . In order to protect Dahua devices, users have to install the latest firmware version. SecurityAffairs – hacking, Dahua cameras).

Authentication 126

Authentication Firmware Hacking Engineering 126

Security Affairs

AUGUST 24, 2021

Realtek published a security advisory on August 15 to warn customers about security updates to address vulnerabilities in its software developers kits (SDK) which is used by at least 65 separate vendors. On August 15, firmware security company IoT Inspector published details about the flaws. ” states SAM experts.

IoT 122

IoT Firmware Internet Internet 122

Security Affairs

APRIL 19, 2022

Lenovo warns of vulnerabilities in its Unified Extensible Firmware Interface (UEFI) shipped with at least 100 notebook models. Two vulnerabilities, tracked as CVE-2021-3971 and CVE-2021-3972 , can be exploited by an attacker to disable the protection for the SPI flash memory chip and turn off the UEFI Secure Boot feature.

Firmware 84

Firmware Manufacturing Hacking Cybersecurity 84

Security Affairs

AUGUST 2, 2021

An attacker could also push an insecure firmware upgrade to fully compromise the devices. The CVE-2021-37160 has yet to be addressed. Swisslog has also published security advisories for these vulnerabilities. SecurityAffairs – hacking, PTS Systems). Swisslog has released Nexus Control Panel version 7.2.5.7

Healthcare 108

Healthcare Firmware Manufacturing Ransomware 108

Security Affairs

JANUARY 6, 2021

Threat actors are attempting to hack Zyxel devices exploiting the recently disclosed vulnerability CVE-2020-29583, security researchers warn. The Taiwanese vendor Zyxel has recently addressed a critical vulnerability in its firmware, tracked as CVE-2020-29583 , related to the presence of a hardcoded undocumented secret account.

Firmware 110

Firmware Passwords Accountability VPN 110

Security Affairs

JUNE 24, 2021

The threat actors are targeting the USG, ZyWALL, USG FLEX, ATP, and VPN series running on-premise ZLD firmware. link] pic.twitter.com/EpBsc715kI — JAMESWT (@JAMESWT_MHT) June 24, 2021. SecurityAffairs – hacking, Zyxel). The company states that devices running the Nebula cloud management mode are not impacted.

VPN 110

VPN Firewall Firmware Authentication 110

Security Affairs

NOVEMBER 10, 2021

CVE-2021-42373 A NULL pointer dereference in man leads to denial of service when a section name is supplied but no page argument is given man 1.33.0-1.33.1 CVE-2021-42374 An out-of-bounds heap read in unlzma leads to information leak and denial of service when crafted LZMA-compressed input is decompressed.

Risk 124

Risk Firmware Software Hacking 124

Security Affairs

MARCH 9, 2022

Three flaws in APC Smart-UPS devices, tracked as TLStorm, could be exploited by remote attackers to hack and destroy them. Researchers from IoT security company Armis have discovered three high-impact security flaws, collectively tracked as TLStorm, affecting APC Smart-UPS devices. SecurityAffairs – hacking, IoT).

Firmware 92

Firmware IoT Authentication Backups 92

Security Affairs

FEBRUARY 4, 2021

The flaws (CVE-2021-1289, CVE-2021-1290, CVE-2021-1291, CVE-2021-1292, CVE-2021-1293, CVE-2021-1294, CVE-2021-1295) have received a CVSS score of 9.8/10. Cisco has addressed the flaw with the release of firmware version 1.0.01.02 SecurityAffairs – hacking, VPN routes).

VPN 99

VPN Small Business Wireless Firmware 99

Security Affairs

DECEMBER 8, 2021

The most severe vulnerabilities addressed by SonicWall are two critical stack-based buffer overflow vulnerabilities tracked as CVE-2021-20038 and CVE-2021-20045 respectively. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances firmware 10.2.0.8-37sv, ” reads the advisory for the CVE-2021-20038 flaw.

Authentication 114

Authentication Firmware Hacking Information Security 114

Security Affairs

MAY 25, 2021

Once activated, the Home Network Security station scans all traffic passing in and out of your home network, allowing it to prevent intrusions, block hacking attempts, and web threats as well as protect owner’s privacy. The flaws addressed by the security firm were reported by experts from Cisco Talos. Pierluigi Paganini.

Network Security 117

Network Security Authentication Firmware Passwords 117

Security Affairs

APRIL 25, 2021

Threat actors are exploiting two vulnerabilities in the popular file-sharing server FileZen , tracked as CVE-2020-5639 and CVE-2021-20655 , to steal sensitive data from businesses and government organizations. Soliton addressed both flaws in FileZen solutions with the release of firmware versions V4.2.8 and V5.0.3.

System Administration 117

System Administration Firmware Government Hacking 117

Security Affairs

FEBRUARY 28, 2024

The Mirai -based Moobot botnet was first documented by Palo Alto Unit 42 researchers in February 2021, in November 2021, it started exploiting a critical command injection flaw ( CVE-2021-36260 ) in the webserver of several Hikvision products. Upgrade to the latest firmware version.

Energy and Utilities 96

Energy and Utilities Government Firewall Malware 96

Security Affairs

APRIL 2, 2022

The threat actors added TOTOLINK exploits just a week after the exploit codes were publicly released on GitHub in the attempt to compromise the largest number of devices as possible before the owners upgrade to the latest firmware releases. TOTOLINK has already addressed these flaws with the release of new firmware for vulnerable devices.

DDOS 85

DDOS Firmware Surveillance IoT 85