Security Affairs

FEBRUARY 1, 2023

On January 30, Taiwanese vendor QNAP released QTS and QuTS firmware updates to address a critical vulnerability, tracked as CVE-2022-27596 (CVSS v3 score: 9.8), that affects QNAP NAS devices. Censys found 30,000 internet-facing QNAP appliances potentially impacted by a recently disclosed critical code injection flaw.

Internet 98

Internet Internet Firmware IoT 98

Security Affairs

JANUARY 9, 2023

Tens of software vulnerabilities affected Qualcomm firmware and impacted the devices of Microsoft, Lenovo, and Samsung. Qualcomm January 2023 security bulletin addressed 22 software vulnerabilities in its Snapdragon suite. CVE-2022-33265 (CVSS Score 7.3) – the flaw is an Information exposure in Powerline Communication Firmware.

Firmware 85

Firmware Manufacturing Software Hacking 85

Security Affairs

JUNE 19, 2023

ASUS addressed critical vulnerabilities in multiple router models, urging customers to immediately install firmware updates. ASUS is warning customers to update some router models to the latest firmware to address critical vulnerabilities. “Update your router to the latest firmware.

Firmware 82

Firmware VPN Wireless Passwords 82

Security Affairs

MAY 17, 2022

US Critical Infrastructure Security Agency (CISA) adds critical CVE-2022-30525 RCE flaw in Zyxel Firewalls to its Known Exploited Vulnerabilities Catalog. Last week, Zyxel has addressed the critical CVE-2022-30525 (CVSS score: 9.8) If possible, enable automatic firmware updates. Commands are executed as the nobody user.”

Firewall 73

Firewall VPN Firmware Internet 73

Security Affairs

JANUARY 15, 2024

SonicWall next-generation firewall (NGFW) series 6 and 7 devices are affected by two unauthenticated denial-of-service vulnerabilities, tracked as CVE-2022-22274 and CVE-2023-0656 , that could potentially lead to remote code execution. ” concludes the report.

Firewall 127

Firewall Hacking Firmware Internet 127

Security Affairs

OCTOBER 4, 2023

Google Threat Analysis Group and Google Project Zero first reported that the CVE-2023-33106, CVE-2023-33107, CVE-2022-22071 and CVE-2023-33063 are actively exploited in targeted attacks. Please contact your device manufacturer for more information on the patch status about specific devices.” ” reads the advisory.

Firmware 100

Firmware Surveillance Authentication Manufacturing 100

Security Affairs

NOVEMBER 9, 2022

Lenovo has released security updates to address a couple of high-severity vulnerabilities impacting various ThinkBook, IdeaPad, and Yoga laptop models. An attacker can exploit the flaws to disable UEFI Secure Boot. Secure Boot is a security feature of the latest Unified Extensible Firmware Interface (UEFI) 2.3.1

Firmware 94

Firmware Manufacturing Hacking Software 94

Security Affairs

DECEMBER 24, 2022

Security researcher ReSolver announced the discovery of hardcoded credentials (CVE-2022-40602) in ZyXEL LTE3301-M209 LTE indoor routers. “The firmware is basically a merge of 3 sections, the LZMA section is the kernel, at 0x148CD6 the root-fs and at 0x90BD36 the www content.” 13 Sep 2022: Details sent to ZyXEL.

Firmware 98

Firmware Passwords Hacking Cybersecurity 98

Security Affairs

FEBRUARY 6, 2024

The malware survives reboots and firmware upgrades. Moreover, the infection survives firmware upgrades.” ” The attack chain starts with the exploitation of the CVE-2022-42475 vulnerability for FortiGate devices. .” reads the advisory published by the security vendor. ” continues the report.

Malware 108

Malware Firmware VPN Backups 108

Security Affairs

APRIL 28, 2023

Researchers from TRAPA Security have discovered a critical remote code execution vulnerability, tracked as CVE-2023-28771 (CVSS score 9.8), impacting Zyxel Firewall. The vulnerability is an improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73, VPN series firmware versions 4.60

Firewall 94

Firewall Firmware VPN Authentication 94

Security Affairs

AUGUST 14, 2023

The procedures allow administrators to provide device information such as server addresses, account information, and firmware updates. The server is used to provide configurations and firmware updates to the devices. In this scenario, an attacker can act as a rogue server and distribute malicious firmware.

Firmware 88

Firmware Authentication Passwords Hacking 88

Security Affairs

JULY 14, 2023

Researchers from ESET discovered in March a new stealthy Unified Extensible Firmware Interface ( UEFI ) bootkit, named BlackLotus , that is able to bypass Secure Boot on Windows 11. Secure Boot is a security feature of the latest Unified Extensible Firmware Interface (UEFI) 2.3.1

Firmware 97

Firmware Malware CISO Hacking 97

Security Affairs

JANUARY 30, 2023

Taiwanese vendor QNAP is warning customers to install QTS and QuTS firmware updates to address a critical flaw impacting its NAS devices. QNAP released QTS and QuTS firmware updates to address a critical vulnerability, tracked as CVE-2022-27596 (CVSS v3 score: 9.8), that affects QNAP NAS devices.

Firmware 97

Firmware Hacking Internet Internet 97

Security Affairs

APRIL 5, 2023

HP would take up to 90 days to address a critical flaw, tracked as CVE-2023-1707, that resides in the firmware of some business-grade printers. The exploitation of the flaw can potentially lead to information disclosure and the IT giant announced that it would take up to 90 days to address the vulnerability. and having IPsec enabled.

Firmware 88

Firmware Education Media Hacking 88

Security Affairs

MAY 25, 2023

The vulnerabilities were reported to the company on December 23, 2022 through Trend Micro’s Zero Day Initiative (ZDI). “Please note that this is a device beta software, beta firmware, or hot-fix release which is still undergoing final testing before its official release. ” We are in the final!

Firmware 93

Firmware Authentication Software Hacking 93

Security Affairs

SEPTEMBER 19, 2022

Researchers discovered two critical vulnerabilities (CVE–2022–36158 and CVE–2022–36159) in Flexlan devices that provide WiFi on airplanes. “It is found that our wireless products, FLEXLAN FX3000/2000 series, have a firmware vulnerability. “[CVE-2022-36158] – Hidden system command web page. .

Wireless 90

Wireless Firmware Passwords Engineering 90

Security Affairs

MARCH 1, 2023

ESET discovered a stealthy Unified Extensible Firmware Interface (UEFI) bootkit dubbed BlackLotus that is able to bypass the Secure Boot on Windows 11. Researchers from ESET discovered a new stealthy Unified Extensible Firmware Interface ( UEFI ) bootkit, named BlackLotus , that is able to bypass Secure Boot on Windows 11.

Firmware 95

Firmware Malware Hacking Security Defenses 95

Security Affairs

DECEMBER 17, 2023

The researchers discovered the botnet in October 2023, but they believe it has been active since at least 2022. The security firm revealed that threat actors were exploiting a vulnerability, tracked as CVE-2023-49897 (CVSS score 8.0) and earlier. The vulnerability affects VioStor NVR Versions 5.0.0 and earlier (5.0.0

Firmware 114

Firmware Wireless DDOS IoT 114

Security Affairs

MARCH 9, 2022

Two of the TLStorm vulnerabilities reside in the TLS implementation used by Cloud-connected Smart-UPS devices, while the third one is a design flaw in the firmware upgrade process of Smart-UPS devices. The researchers discovered that the firmware upgrades are not properly signed and validated.

Firmware 92

Firmware IoT Authentication Backups 92

Security Affairs

SEPTEMBER 19, 2022

The FunJSQ module is used in various Netgear routers and Orbi WiFi systems, the issues affecting it were discovered in May 2022 and are now fixed. “Back in May 2022, we discovered FunJSQ , a third-party gaming speed-improvement service by China-based Xiamen Xunwang Network Technology Co.,

Firmware 100

Firmware Passwords Technology Hacking 100

Security Affairs

MAY 4, 2023

In order to exploit the flaw, an attacker has to upgrade an affected device to a crafted version of the firmware. “This vulnerability is due to a missing authentication process within the firmware upgrade function.” “Cisco has not released firmware updates to address this vulnerability.

Firmware 85

Firmware Education Media Authentication 85

Security Affairs

JUNE 12, 2022

By using the manufacturer’s built-in ports, we were able to manipulate on-board components and interact with the device.Combining both known and novel techniques, we were able to achieve root access to the device’s operating system and pull its firmware for emulation and vulnerability discovery.” Overall 4.8. Overall 4.8.

Firmware 87

Firmware Penetration Testing Manufacturing Authentication 87

Security Affairs

SEPTEMBER 7, 2022

Zyxel addressed a critical vulnerability, tracked as CVE-2022-34747 , impacting its network-attached storage (NAS) devices. The CVE-2022-34747 (CVSS score: 9.8) flaw is classified as a format string vulnerability that resides in Zyxel NAS326 firmware versions prior to V5.21(AAZF.12)C0. 11)C0 and earlier V5.21(AAZF.12)C0

Firewall 83

Firewall Firmware Authentication VPN 83

Security Affairs

NOVEMBER 28, 2022

The experts explained that the flaw, tracked as CVE-2022-4020 , is similar to the Lenovo vulnerabilities the company disclosed earlier this month. Same as in Lenovo’s case, an attacker can trigger the issue to deactivate the UEFI Secure Boot by creating NVRAM variable directly from OS. Pierluigi Paganini.

Firmware 127

Firmware Hacking Information Security 127

Security Affairs

DECEMBER 24, 2022

Security researcher ReSolver announced the discovery of hardcoded credentials (CVE-2022-40602) in ZyXEL LTE3301-M209 LTE indoor routers. “The firmware is basically a merge of 3 sections, the LZMA section is the kernel, at 0x148CD6 the root-fs and at 0x90BD36 the www content.” 13 Sep 2022: Details sent to ZyXEL.

Firmware 52

Firmware Passwords Hacking Cybersecurity 52

Security Affairs

MAY 13, 2022

Zyxel has moved to address a critical security vulnerability (CVE-2022-30525, CVSS score: 9.8) Zyxel silently addressed the flaw by releasing security updates on April 28, 2022, Rapid7 pointed out that this choice leaves defenders in the dark and only advantage the attackers. Commands are executed as the nobody user.”

Firewall 71

Firewall Firmware VPN Wireless 71

Security Affairs

MARCH 22, 2022

HP issued a security bulletin warning of a buffer overflow vulnerability, tracked as CVE-2022-3942 (CVSS score 8.4), that could lead to remote code execution on vulnerable devices. HP already addressed the flaw with the release of firmware security updates for the majority of the affected devices. Pierluigi Paganini.

Firmware 73

Firmware Hacking Data breaches Information Security 73

Security Affairs

MAY 16, 2022

Researchers devised an attack technique to tamper the firmware and execute a malware onto a Bluetooth chip when an iPhone is “off.” Unlike NFC and UWB chips, the Bluetooth firmware is neither signed nor encrypted opening the doors to modification. To nominate, please visit:?

Malware 96

Malware Wireless Firmware Mobile 96

Security Affairs

NOVEMBER 10, 2022

The vulnerability, CVE-2022-0902 (CVSS score: 8.1), is a path-traversal issue that can be exploited by an attacker to inject and execute arbitrary code. “Team82 found a high-severity path-traversal vulnerability (CVE-2022-0902) in ABB’s TotalFlow Flow Computers and Remote Controllers.

Firmware 130

Firmware Authentication Passwords Manufacturing 130

Security Affairs

FEBRUARY 9, 2024

In December 2023, Fortinet urged its customers to update their installs to address an actively exploited FortiOS SSL-VPN vulnerability, tracked as CVE-2022-42475, that could be exploited by an unauthenticated, remote attacker to execute arbitrary code on devices. The malware survives reboots and firmware upgrades.

VPN 103

VPN Firmware Malware Government 103

Security Affairs

APRIL 2, 2022

Between February and March 2022, researchers from the FortiGuard Labs team observed Beastmode operators adding five new exploits in a few weeks, with three targeting some TOTOLINK routers. TOTOLINK has already addressed these flaws with the release of new firmware for vulnerable devices.

DDOS 85

DDOS Firmware Surveillance IoT 85

Security Affairs

MAY 11, 2023

.” The vulnerabilities, tracked as CVE-2023-27357 , CVE-2023-27367 , CVE-2023-27368 , CVE-2023-27369 , CVE-2023-27370 , were demonstrated by Claroty researchers during the 2022 Pwn2Own Toronto hacking contest as part of an exploit. “NETGEAR is aware of multiple security vulnerabilities on the RAX30. We are in the final!

Hacking 95

Hacking Firmware Authentication DNS 95

Security Affairs

JULY 15, 2022

Dragos experts investigated an infection of DirectLogic PLCs from Automation Direct, they performed reverse engineering of the password cracking tool and discovered it did not crack the password at all, rather, it exploited a vulnerability in the firmware to retrieve the password on command. ” reads the advisory published by Dragos.

Passwords 113

Passwords Software Firmware Malware 113

Security Affairs

AUGUST 13, 2022

Researchers from hardware security firm Eclypsium have discovered a vulnerability in three signed third-party Unified Extensible Firmware Interface (UEFI) boot loaders that can be exploited to bypass the UEFI Secure Boot feature. Secure Boot is a security feature of the latest Unified Extensible Firmware Interface (UEFI) 2.3.1

Firmware 97

Firmware Hacking Information Security 97

Security Affairs

AUGUST 23, 2022

The vulnerability is an unauthenticated Remote Code Execution (RCE) vulnerability in Hikvision IP camera/NVR firmware, it was discovered by a security researcher that goes online with the moniker “Watchful IP.”. The expert confirmed that every firmware developed since 2016 has been tested and found to be vulnerable.

Hacking 115

Hacking Firmware Internet Internet 115

Security Affairs

MARCH 14, 2023

The unknown threat actor is exploiting a vulnerability in Fortinet FortiOS software, tracked as CVE-2022-41328 , that may allow a privileged attacker to read and write arbitrary files via crafted CLI commands. The CVE-2022-41328 vulnerability (CVSS score: 6.5) ” reads the advisory published by Fortinet.

Firmware 80

Firmware Government Engineering Malware 80

Security Affairs

DECEMBER 22, 2022

The Zerobot botnet first appeared in the wild in November 2022 targeting devices running on Linux operating system. The Go-based botnet spreads by exploiting two dozen security vulnerabilities in the internet of things (IoT) devices and other applications. “Since the release of Zerobot 1.1,

IoT 116

IoT DDOS Malware Firmware 116