Security Affairs

JANUARY 15, 2024

SonicWall next-generation firewall (NGFW) series 6 and 7 devices are affected by two unauthenticated denial-of-service vulnerabilities, tracked as CVE-2022-22274 and CVE-2023-0656 , that could potentially lead to remote code execution. ” concludes the report.

Firewall 144

Firewall Hacking Firmware Internet 144

Security Affairs

DECEMBER 26, 2024

. “Using a Mirai malware variant that incorporates ChaCha20 and XOR decryption algorithms, it has been seen compromising vulnerable Internet of Things (IoT) devices in the wild, such as the DigiEver DVR, and TP-Link devices through CVE-2023-1389.” in newer ones. ” concludes the report.

Manufacturing 89

Manufacturing Malware Firmware IoT 89

Security Affairs

MAY 1, 2025

SonicWall revealed that attackers actively exploited two security vulnerabilities, tracked as CVE-2023-44221 and CVE-2024-38475 , in its SMA100 Secure Mobile Access appliances. SMA100 devices updated with the fixed firmware version 10.2.1.14-75sv 62sv and higher versions (Fixed on December 4, 2023) CVE-2024-38475 – 10.2.1.14-75sv

Firmware 69

Firmware Mobile VPN Authentication 69

Security Affairs

MAY 2, 2025

An attacker can exploit the flaw to map URLs to file system locations that are permitted to be served by the server CVE-2023-44221 (CVSS score: 7.2) SMA100 devices updated with the fixed firmware version 10.2.1.14-75sv The company addressed the flaws with the following releases: CVE-2023-44221 10.2.1.10-62sv and earlier.

Firmware 70

Firmware Authentication VPN Mobile 70

SecureList

NOVEMBER 14, 2022

We polled our experts from the GReAT team and have gathered a small number of key insights about what APT actors are likely to focus on in 2023. One glaring example is Iran, which faced a series of spectacular hacks and sabotages. One of the major cyber-incidents of 2022 took place early this year: the Okta hack.

Firmware 127

Firmware Surveillance Mobile Telecommunications 127

Security Affairs

MAY 16, 2023

China-linked APT group Mustang Panda employed a custom firmware implant targeting TP-Link routers in targeted attacks since January 2023. In most recent attacks observed by Check Point, the threat actors employed custom firmware implant designed explicitly for TP-Link routers. ” reads the report published by Check point.

Firmware 98

Firmware Encryption Government Malware 98

Security Affairs

JUNE 20, 2023

Zyxel released security updates to address a critical security flaw, tracked as CVE-2023-27992 (CVSS score: 9.8), affecting its network-attached storage (NAS) devices. The vulnerability is a pre-authentication command injection issue that impacts the Zyxel NAS326 firmware versions prior to V5.21(AAZF.14)C0, in its firewall devices.

Firmware 98

Firmware Firewall Authentication VPN 98

Security Affairs

JUNE 25, 2024

The flaw is a command injection vulnerability in the “setCookie” parameter in Zyxel NAS326 firmware versions before V5.21(AAZF.17)C0 17)C0 and NAS542 firmware versions before V5.21(ABAG.14)C0. The vulnerability affects NAS326 running firmware versions 5.21(AAZF.16)C0 16)C0 and earlier, and NAS542 running firmware versions 5.21(ABAG.13)C0

Firmware 125

Firmware Hacking Cybercrime Information Security 125

Security Affairs

JANUARY 24, 2025

In March 2023, Mandiant researchers reported that alleged China-linked threat actors, tracked as UNC4540 , deployed custom malware on a SonicWall SMA appliance.The malware allows attackers to steal user credentials, achieve persistence through firmware upgrades, and provides shell access. ” concludes the advisory.

Firmware 74

Firmware Malware Authentication Mobile 74

Security Affairs

JANUARY 14, 2025

” The researchers noticed that the attack targeted firmware versions of devices ranging between 7.0.14 ” In June 2023, Fortinet addressed a critical flaw, tracked as CVE-2023-27997,in FortiOS and FortiProxy that was exploited in a limited number of attacks.

Firewall 83

Firewall VPN Accountability Firmware 83

Security Affairs

MAY 11, 2023

Industrial and IoT cybersecurity firm Claroty disclosed technical details of five vulnerabilities that be exploited to hack some Netgear router models. “Team82 disclosed five vulnerabilities in NETGEAR’s Nighthawk RAX30 routers as part of its research and participation in last December’s Pwn2Own Toronto hacking competition.”

Hacking 98

Hacking Firmware Authentication DNS 98

eSecurity Planet

FEBRUARY 2, 2024

Teslas Get the Spotlight in Recent Ethical Hacking Efforts Researchers have discovered multiple vulnerabilities within Teslas since March 2023. Rapid7’s Zero Day Initiative hosts an event called Pwn2Own, and at the 2023 event, computer security firm Synactiv hacked a Tesla computer within two minutes.

Hacking 125

Hacking IoT Firmware Cybersecurity 125

Security Affairs

JANUARY 15, 2024

The researchers discovered a vulnerability, tracked as CVE-2023-49722 (CVSS score: 8.3), that can be exploited by an attacker on the same network to replace the device firmware with a rogue version. The vulnerability was reported to the vendor in August 2023 and was addressed by the vendor in November 2023.

Firmware 135

Firmware IoT Hacking Information Security 135

Security Affairs

OCTOBER 4, 2023

Google Threat Analysis Group and Google Project Zero first reported that the CVE-2023-33106, CVE-2023-33107, CVE-2022-22071 and CVE-2023-33063 are actively exploited in targeted attacks. The details of the remaining CVEs will be shared in our December 2023 public bulletin.”

Firmware 126

Firmware Surveillance Authentication Manufacturing 126

Security Affairs

SEPTEMBER 6, 2023

The three vulnerabilities were reported by the Taiwanese CERT, below are their descriptions: CVE-2023-39238 (CVSS 9.8): ASUS RT-AX55, RT-AX56U_V2 and RT-AC86U iperf-related modules set_iperf3_svr.cgi API has a format string vulnerability. This function does not properly verify the input format string.

Firmware 145

Firmware Hacking Internet Internet 145

Security Affairs

JULY 3, 2023

Researchers reported that there are 490,000 Fortinet firewalls exposing SSL VPN interfaces on the internet, and roughly 69% of them are still vulnerable to CVE-2023-27997. For this reason, if the customer has SSL-VPN enabled, Fortinet is advising customers to take immediate action to upgrade to the most recent firmware release.

Firewall 98

Firewall VPN Firmware Internet 98

Security Affairs

JANUARY 18, 2024

Unified Extensible Firmware Interface (UEFI) is a specification that defines the architecture of the platform firmware used for booting the computer hardware and its interface for interaction with the operating system. ” states CERT/CC. . ” states CERT/CC. . ” states CERT/CC.

Firmware 132

Firmware DNS Advertising Architecture 132

SecureList

SEPTEMBER 21, 2023

We conducted an analysis of the IoT threat landscape for 2023, as well as the products and services offered on the dark web related to hacking connected devices. In the first half of 2023, 97.91% of password brute-force attempts registered by our honeypots targeted Telnet, and only 2.09%, SSH. per day, or $1350 per month.

IoT 136

IoT DDOS Passwords Malware 136

Security Affairs

JANUARY 29, 2025

Named after the Aqua filename, it was first reported in November 2023. In mid-July 2024, Mitel addressed the vulnerability with the release of firmware updates. ” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking, Mirai) HF1 (R6.4.0.136). .”

DDOS 69

DDOS Firmware Malware Firewall 69

Security Affairs

DECEMBER 17, 2023

The researchers discovered the botnet in October 2023, but they believe it has been active since at least 2022. The experts reported the two vulnerabilities to the respective vendors, but they plan to release the fixes in December 2023. and earlier. The vulnerability affects VioStor NVR Versions 5.0.0 and earlier (5.0.0

Firmware 139

Firmware Wireless DDOS IoT 139

Security Affairs

JUNE 7, 2023

June 2023 security update for Android released by Google fixes about fifty flaws, including an Arm Mali GPU bug exploited by surveillance firms in their spyware. The June 2023 Android Security Bulletin provides details about the fix for more than fifty vulnerabilities affecting Android devices.

Spyware 98

Spyware Surveillance Firmware Hacking 98

Security Affairs

AUGUST 13, 2023

Multiple vulnerabilities in CyberPower PowerPanel Enterprise DCIM platform and Dataprobe PDU could expose data centers to hacking. The nine vulnerabilities have received CVE between CVE-2023-3259 through CVE-2023-3267. CVE-2023-3265: Improper Neutralization of Escape, Meta, or Control Sequences (Auth Bypass; CVSS 7.2)

Hacking 98

Hacking Firmware Authentication Software 98

Security Affairs

APRIL 28, 2023

A vulnerability impacting Zyxel firewalls, tracked as CVE-2023-28771, can be exploited to execute arbitary code on vulnerable devices. Researchers from TRAPA Security have discovered a critical remote code execution vulnerability, tracked as CVE-2023-28771 (CVSS score 9.8), impacting Zyxel Firewall. through 5.35. through 5.35.

Firewall 98

Firewall Firmware VPN Authentication 98

Security Affairs

FEBRUARY 7, 2024

The most severe of these vulnerabilities, tracked as CVE-2023-40547 (CVSS score: 9.8), can lead to remote code execution under specific circumstances. The vulnerability CVE-2023-40547 is an RCE in http boot support that can lead to Secure Boot bypass “A remote code execution vulnerability was found in Shim. .”

Firmware 140

Firmware Hacking Information Security 140

eSecurity Planet

NOVEMBER 6, 2023

30, 2023 NGINX Ingress Controller for Kubernetes Flaws Can Lead to Credential Theft Type of Attack: Path sanitization bypass and injection vulnerabilities discovered in the NGINX Ingress controller can allow for credential theft, arbitrary command execution, and critical data access. CVE-2023-5044 (Code Injection): This CVSS score 7.6

Software 112

Software Ransomware Education Firmware 112

Security Affairs

MAY 16, 2023

The platform provides real-time monitoring and control, it also supports advanced features such as device management, software and firmware updates, GPS tracking, and data visualization. affected by CVE-2023-32346, CVE-2023-32347, CVE-2023-32348, CVE-2023-2587, CVE-2023-2588) Remote Management System (RMS): Versions prior to 4.14.0

Hacking 98

Hacking Internet Internet Manufacturing 98

Security Affairs

JUNE 13, 2023

Fortinet addressed a new critical flaw, tracked as CVE-2023-27997, in FortiOS and FortiProxy that is likely exploited in a limited number of attacks. Fortinet has finally published an official advisory about the critical vulnerability, tracked as CVE-2023-27997 (CVSS score: 9.2), impacting FortiOS and FortiProxy.

Firewall 98

Firewall VPN Firmware Manufacturing 98

Krebs on Security

JUNE 15, 2023

” When security experts began raising the alarm about a possible zero-day in Barracuda’s products, the Chinese hacking group altered their tactics, techniques and procedures (TTPs) in response to Barracuda’s efforts to contain and remediate the incident, Mandiant found. “Patch your #Fortigate.”

Risk 277

Risk VPN Internet Internet 277

Security Affairs

JANUARY 14, 2024

Forescout experts questioned the attribution of cyber attacks that targeted the energy sector in Denmark in 2023 to the Russia-linked Sandworm. Forescout experts shared findings from their analysis of the cyber attacks that targeted the energy sector in Denmark in 2023, attributing them to the Russia-linked Sandworm. through 5.35.

Firewall 136

Firewall Firmware Cyber Attacks VPN 136

Security Affairs

APRIL 5, 2023

HP would take up to 90 days to address a critical flaw, tracked as CVE-2023-1707, that resides in the firmware of some business-grade printers. HP is aware of a critical vulnerability, tracked as CVE-2023-1707 (CVSS v3.1 The vendor has released temporary firmware mitigation for customers currently running FutureSmart 5.6

Firmware 98

Firmware Education Media Hacking 98

Security Affairs

AUGUST 26, 2024

However SonicWall recommends youinstall the latest firmware. In March 2023, Mandiant researchers reported that alleged China-linked threat actors, tracked as UNC4540, deployed custom malware on a SonicWall SMA appliance. .” Below are the impacted versions: Impacted Platforms Impacted Versions SOHO (Gen 5) 5.9.2.14-12o

Firewall 126

Firewall Firmware Malware Internet 126

Security Affairs

JUNE 19, 2023

ASUS addressed critical vulnerabilities in multiple router models, urging customers to immediately install firmware updates. ASUS is warning customers to update some router models to the latest firmware to address critical vulnerabilities. “Update your router to the latest firmware.

Firmware 98

Firmware VPN Wireless Passwords 98

Security Affairs

JUNE 4, 2023

Zyxel has published guidance for protecting firewall and VPN devices from ongoing attacks exploiting CVE-2023-28771 , CVE-2023-33009 , and CVE-2023-33010 vulnerabilities. Threat actors are actively attempting to exploit the command injection vulnerability CVE-2023-28771 impacting Zyxel firewalls. Patch 1 ZLD V5.36

Firmware 98

Firmware VPN Firewall Hacking 98

Security Affairs

NOVEMBER 14, 2023

On April 25, 2023, Zyxel disclosed a critical vulnerability (CVSS score 9.8), tracked as CVE-2023-28771 , in a number of their firewalls. The vulnerability is an improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73, VPN series firmware versions 4.60 through 5.35. through 5.35.

Cyber Attacks 139

Cyber Attacks Firmware Firewall VPN 139

Security Affairs

JUNE 5, 2024

The vulnerabilities affect NAS326 running firmware versions 5.21(AAZF.16)C0 16)C0 and earlier, and NAS542 running firmware versions 5.21(ABAG.13)C0 Pierluigi Paganini Follow me on Twitter: @securityaffairs and Facebook and Mastodon ( SecurityAffairs – hacking, RCE) 13)C0 and older.

Firmware 128

Firmware Authentication Manufacturing Hacking 128

SecureList

JULY 19, 2023

On March 14, 2023, Microsoft published a blogpost describing an Outlook Client Elevation of Privilege Vulnerability (CVSS: 9.8 Some samples submitted to VirusTotal in the past were later found to exploit CVE-2023-23397; others were published after the vulnerability was publicly disclosed.

Firmware 98

Firmware Internet Internet Government 98

Security Affairs

JUNE 1, 2023

Threat actors are actively exploiting a command injection flaw, tracked as CVE-2023-28771, in Zyxel firewalls to install malware. Threat actors are actively attempting to exploit a command injection vulnerability, tracked as CVE-2023-28771 , that impacts Zyxel firewalls. through 4.73, VPN series firmware versions 4.60

Firewall 98

Firewall Firmware VPN DDOS 98