Authentication, Firmware, Hacking and Information

Experts share details of five flaws that can be chained to hack Netgear RAX30 Routers

Security Affairs

MAY 11, 2023

Industrial and IoT cybersecurity firm Claroty disclosed technical details of five vulnerabilities that be exploited to hack some Netgear router models. “Team82 disclosed five vulnerabilities in NETGEAR’s Nighthawk RAX30 routers as part of its research and participation in last December’s Pwn2Own Toronto hacking competition.”

Hacking

Hacking Firmware Authentication DNS

CISA adds D-Link DIR router flaws to its Known Exploited Vulnerabilities catalog

Security Affairs

MAY 17, 2024

CVE-2021-40655 An informtion disclosure issue exists in D-LINK-DIR-605 B2 Firmware Version : 2.01MT. Pierluigi Paganini Follow me on Twitter: @securityaffairs and Facebook and Mastodon ( SecurityAffairs – hacking, CISA ) CISA orders federal agencies to fix these vulnerabilities by June 6, 2024.

Firmware

Firmware Authentication Passwords Hacking

Intel addresses High-Severity flaws in NUC Firmware and other tools

Security Affairs

AUGUST 18, 2019

Intel released security updates to address high-severity vulnerabilities in NUC firmware, the Processor Identification Utility, and the Computing Improvement Program. Intel Patch Tuesday for August 2019 addressed high-severity vulnerabilities in NUC firmware, Processor Identification Utility, and Computing Improvement Program.

Firmware

Firmware Authentication Advertising Hacking

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Nine flaws in CyberPower and Dataprobe solutions expose data centers to hacking

Security Affairs

AUGUST 13, 2023

Multiple vulnerabilities in CyberPower PowerPanel Enterprise DCIM platform and Dataprobe PDU could expose data centers to hacking. This platform serves as an integrated hub of information and control for all interconnected devices. CVE-2023-3267: OS Command Injection (Authenticated RCE; CVSS 7.5)

Hacking

Hacking Firmware Authentication Software

An RCE in Annke video surveillance product allows hacking the device

Security Affairs

AUGUST 27, 2021

Researchers from Nozomi Networks discovered a critical vulnerability that can be exploited to hack a video surveillance product made by Annke. The vulnerability, tracked as CVE-2021-32941 can be exploited by an attacker to hack a video surveillance product made by Annke, a provider of home and business security solutions.

Surveillance

Surveillance Hacking Firmware Manufacturing

NETGEAR fixes a severe bug in its routers. Patch it asap!

Security Affairs

DECEMBER 30, 2022

The vendor only said that the flaw is a pre-authentication buffer overflow vulnerability and urged customers to address the firmware of their devices as soon as possible. “NETGEAR has released fixes for a pre-authentication buffer overflow security vulnerability” reads the advisory published by the company.

Firmware

Firmware Wireless Authentication Hacking

How to hack Wincor Cineo ATMs to bypass black-box attack protections and withdraw cash

Security Affairs

NOVEMBER 1, 2021

Researchers demonstrated how crooks could hack Diebold Nixdorf’s Wincor Cineo ATMs to bypass black-box attack protections and withdraw cash. An attacker with access to the dispenser controller’s USB port can install an outdated or modified firmware version to bypass the encryption and make cash withdrawals. score of 6.8.

Hacking

Hacking Firmware Encryption Manufacturing

Zyxel fixed a critical RCE flaw in its firewall devices and urges customers to install the patches

Security Affairs

APRIL 28, 2023

The vulnerability is an improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73, VPN series firmware versions 4.60 through 5.35, USG FLEX series firmware versions 4.60 through 5.35, and ATP series firmware versions 4.60 through 5.35, USG FLEX series firmware versions 4.50

Firewall

Firewall Firmware VPN Authentication

Experts found multiple flaws in AudioCodes desk phones and Zoom’s Zero Touch Provisioning (ZTP)

Security Affairs

AUGUST 14, 2023

The procedures allow administrators to provide device information such as server addresses, account information, and firmware updates. The server is used to provide configurations and firmware updates to the devices. In this scenario, an attacker can act as a rogue server and distribute malicious firmware.

Firmware

Firmware Authentication Passwords Hacking

Chipmaker Qualcomm warns of three actively exploited zero-days

Security Affairs

OCTOBER 4, 2023

Please contact your device manufacturer for more information on the patch status about specific devices.” WLAN Firmware Internal CVE-2023-24855 : Use of Out-of-range Pointer Offset in Modem. .” WLAN Firmware Internal CVE-2023-24855 : Use of Out-of-range Pointer Offset in Modem. ” reads the advisory.

Firmware

Firmware Surveillance Authentication Manufacturing

Netgear addresses severe security flaws in 20 of its products

Security Affairs

SEPTEMBER 6, 2021

Netgear has released firmware updates to address high-severity vulnerabilities in more than a dozen of its smart switches used on businesses. The flaws affected multiple products including the following smart switches, below is the list of the impacted devices and related firmware fixes: GC108P fixed in firmware version 1.0.8.2

Firmware

Firmware Authentication Passwords Hacking

Experts found 15 flaws in Netgear JGS516PE switch, including a critical RCE

Security Affairs

MARCH 14, 2021

Netgear has released security and firmware updates for its JGS516PE Ethernet switch to address 15 vulnerabilities, including a critica remote code execution issue. “The switch internal management web application in firmware versions prior to 2.6.0.43 ” reads the advisory published by NCC Group.”

Firmware

Firmware Authentication Hacking Software

Multiple flaws in Netgear Nighthawk R6700v3 router are still unpatched

Security Affairs

DECEMBER 31, 2021

Researchers discovered multiple high-risk vulnerabilities affecting the latest firmware version for the Netgear Nighthawk R6700v3 router. Researchers from Tenable have discovered multiple vulnerabilities in the latest firmware version (version 1.0.4.120) of the popular Netgear Nighthawk R6700v3 WiFi router. Vendor supplies information.

Firmware

Firmware Encryption Authentication Passwords

D-Link fixes two critical flaws in D-View 8 network management suite

Security Affairs

MAY 25, 2023

D-Link fixed two critical flaws in its D-View 8 network management suite that could lead to authentication bypass and arbitrary code execution. in its D-View 8 network management suite that could be exploited by remote attackers to bypass authentication and execute arbitrary code. ” reads the advisory published by ZDI.

Firmware

Firmware Authentication Software Hacking

Binarly released the free online scanner to detect the CVE-2024-3094 Backdoor

Security Affairs

APRIL 2, 2024

Researchers from the firmware security firm Binarly released a free online scanner to detect the CVE-2024-3094 Backdoor Last week, Microsoft engineer Andres Freund discovered a backdoor issue in the latest versions of the “xz” tools and libraries. The malicious build interferes with the authentication in sshd through systemd.

Firmware

Firmware Authentication Engineering Hacking

PoC exploit for 2 flaws in Dahua cameras leaked online

Security Affairs

OCTOBER 7, 2021

A proof of concept exploit for two authentication bypass vulnerabilities in Dahua cameras is available online, users are recommended to immediately apply updates. “The identity authentication bypass vulnerability found in some Dahua products during the login process. SecurityAffairs – hacking, Dahua cameras).

Authentication

Authentication Firmware Hacking Engineering

KindleDrip exploit – Hacking a Kindle device with a simple email

Security Affairs

JANUARY 22, 2021

The experts discovered that Amazon did not verify the authenticity of the email sender, this means that attackers can spoof an email address that is present in the list of approved addresses. Experts also published a video PoC of the KindleDRIP exploit chain on a new Kindle 10 running firmware version 5.13.2. Pierluigi Paganini.

Hacking

Hacking Authentication Firmware Phishing

Zyxel addressed critical flaw CVE-2023-27992 in NAS Devices

Security Affairs

JUNE 20, 2023

The vulnerability is a pre-authentication command injection issue that impacts the Zyxel NAS326 firmware versions prior to V5.21(AAZF.14)C0, 14)C0, NAS540 firmware versions prior to V5.21(AATB.11)C0, 11)C0, and NAS542 firmware versions prior to V5.21(ABAG.11)C0. ” reads the advisory published by Zyxel.

Firmware

Firmware Firewall Authentication VPN

Be aware of exposure of sensitive data on Wi-Fi settings for Canon inkjet printers

Security Affairs

AUGUST 1, 2023

Canon warns that sensitive information on the Wi-Fi connection settings stored in the memories of home and office/large format inkjet printers may not be deleted by the usual initialization process. Set up strong authentication mechanisms, such as complex passwords or use multi-factor authentication (MFA) for printer access.

Wireless

Wireless Firmware Passwords Authentication

Dark Mirai botnet spreads targeting RCE on TP-Link routers

Security Affairs

DECEMBER 9, 2021

. “The PING function on the TP-Link TL-WR840N EU v5 router with firmware through TL-WR840N(EU)_V5_171211 is vulnerable to remote code execution via a crafted payload in an IP address input field.” TP-Link addressed the flaw on November 12, 2021 with the release of the firmware update TL-WR840N(EU)_V5_211109.

Firmware

Firmware Architecture Malware Hacking

D-Link issues beta hotfix for multiple flaws in DIR-3040 routers

Security Affairs

JULY 17, 2021

Network equipment vendor D-Link has released a firmware hotfix to fix multiple vulnerabilities in the DIR-3040 AC3000-based wireless internet router. Network equipment vendor D-Link has released a firmware hotfix to address multiple vulnerabilities affecting the DIR-3040 AC3000-based wireless internet router. ” states the vendor.

Firmware

Firmware Wireless Passwords Internet

HID Mercury Access Controller flaws could allow to unlock Doors

Security Affairs

JUNE 12, 2022

By using the manufacturer’s built-in ports, we were able to manipulate on-board components and interact with the device.Combining both known and novel techniques, we were able to achieve root access to the device’s operating system and pull its firmware for emulation and vulnerability discovery.” Overall 4.8. Overall 4.8.

Firmware

Firmware Penetration Testing Manufacturing Authentication

Netgear fixes a critical RCE that could allow to takeover Flagship Nighthawk routers

Security Affairs

MARCH 8, 2020

Netgear has addressed a critical remote code execution vulnerability that could be exploited by an unauthenticated attacker to take over AC Router Nighthawk (R7800) hardware running firmware versions prior to 1.0.2.68. NETGEAR strongly recommends that you download the latest firmware as soon as possible.” Pierluigi Paganini.

Firmware

Firmware Wireless Advertising Authentication

Zyxel addressed a critical RCE flaw in its NAS devices

Security Affairs

SEPTEMBER 7, 2022

flaw is classified as a format string vulnerability that resides in Zyxel NAS326 firmware versions prior to V5.21(AAZF.12)C0. Below is the list of affected models and the firmware patches released by the company. SecurityAffairs – hacking, Zyxel). The CVE-2022-34747 (CVSS score: 9.8) 11)C0 and earlier V5.21(AAZF.12)C0

Firewall

Firewall Firmware Authentication VPN

CVE-2021-20090 actively exploited to target millions of IoT devices worldwide

Security Affairs

AUGUST 7, 2021

Threat actors are actively exploiting a critical authentication bypass issue (CVE-2021-20090 ) affecting home routers with Arcadyan firmware. Threat actors actively exploit a critical authentication bypass vulnerability, tracked as CVE-2021-20090 , impacting home routers with Arcadyan firmware to deploy a Mirai bot.

IoT

IoT Firmware Authentication Wireless

Second-ever UEFI rootkit used in North Korea-themed attacks

Security Affairs

OCTOBER 5, 2020

A China-linked threat actor used UEFI malware based on code from Hacking Team in attacks aimed at organizations with an interest in North Korea. The experts were investigating several suspicious UEFI firmware images when discovered four components, some of which were borrowing the source code a Hacking Team spyware.

Firmware

Firmware Spyware Surveillance Hacking

Cisco EoL SPA112 2-Port Phone Adapters are affected by critical RCE

Security Affairs

MAY 4, 2023

In order to exploit the flaw, an attacker has to upgrade an affected device to a crafted version of the firmware. “This vulnerability is due to a missing authentication process within the firmware upgrade function.” “Cisco has not released firmware updates to address this vulnerability.

Firmware

Firmware Education Media Authentication

DRAGONBLOOD flaws allow hacking WPA3 protected WiFi passwords

Security Affairs

AUGUST 3, 2019

Dragonblood researchers found two new weaknesses in WPA3 protocol that could be exploited to hack WPA3 protected WiFi passwords. A group of researchers known as Dragonblood (Mathy Vanhoef and Eyal Ronen ) devised new methods to hack WPA3 protected WiFi passwords by exploiting two new vulnerabilities dubbed Dragonblood flaws.

Passwords

Passwords Hacking Wireless Authentication

SonicWall warns of ‘imminent ransomware’ attacks on its EOL products

Security Affairs

JULY 15, 2021

x firmware in an imminent ransomware campaign using stolen credentials.” “The exploitation targets a known vulnerability that has been patched in newer versions of firmware.” The network equipment vendor is now urging customers to update the firmware of their devices as soon as possible. “If 34 or 9.0.0.10

Firmware

Firmware Ransomware Passwords Mobile

Multiple flaws in CODESYS V3 SDK could lead to RCE or DoS?

Security Affairs

AUGUST 13, 2023

16 vulnerabilities in Codesys products could result in remote code execution and DoS attacks exposing OT environments to hacking. An attacker can trigger the flaw to gain remote code execution and conduct denial-of-service attacks under specific conditions, exposing operational technology (OT) environments to hacking.

Authentication

Authentication Firmware Hacking Passwords

USBAnywhere BMC flaws expose Supermicro servers to hack

Security Affairs

SEPTEMBER 3, 2019

Researchers at firmware security firm Eclypsium discovered multiple vulnerabilities referred as USBAnywhere that could be exploited to potentially allow an attacker to take over the baseboard management controller (BMC) for three different models of Supermicro server boards: the X9, X10, and X11. ” reads the post published by Eclypsium.

Hacking

Hacking Firmware Media Authentication

TLStorm flaws allow to remotely manipulate the power of millions of enterprise UPS devices

Security Affairs

MARCH 9, 2022

Three flaws in APC Smart-UPS devices, tracked as TLStorm, could be exploited by remote attackers to hack and destroy them. Two of the TLStorm vulnerabilities reside in the TLS implementation used by Cloud-connected Smart-UPS devices, while the third one is a design flaw in the firmware upgrade process of Smart-UPS devices.

Firmware

Firmware IoT Authentication Backups

CVE-2019-0090 flaw affects Intel Chips released in the last 5 years

Security Affairs

MARCH 7, 2020

The CVE-2019-0090 vulnerability affects the firmware running on the ROM of the Intel’s Converged Security and Management Engine (CSME). Intel CSME is responsible for initial authentication of Intel-based systems by loading and verifying all other firmware for modern platforms.” x, SPS_E3_05.00.04.027.0. .

Firmware

Firmware Technology Advertising Authentication

Hacking the Twinkly IoT Christmas lights

Security Affairs

DECEMBER 24, 2018

” Once the mobile app has discovered the IP address of the lights, it authenticates with them, receives an authentication token and retrieves information about the device. Experts found a flaw in the authentication process, it only authenticates the lights to the app and not visa- versa. . Pierluigi Paganini.

IoT

IoT Hacking DNS Authentication

10,000+ unpatched ABUS Secvest home alarms can be deactivated remotely

Security Affairs

APRIL 25, 2021

. “The ABUS Secvest wireless alarm system FUAA50000 (v3.01.17) fails to properly authenticate some requests to its built-in HTTPS interface. Someone can use this vulnerability to obtain sensitive information from the system, such as usernames and passwords. ” reads the description of the vulnerability.

Firmware

Firmware Passwords Authentication Wireless

Remote Command Execution and Information disclosure flaws affect dozens of D-Link routers

Security Affairs

JANUARY 3, 2020

Experts disclosed PoC exploits for remote command execution and information disclosure vulnerabilities affecting many D-Link routers. ”” D-Link, was informed about the flaw by a third-party company in mid-October, but its initial security advisory only identified the DIR-859 router family as being vulnerable.

Advertising

Advertising Firmware VPN Authentication

MITRE, CISA Reveal Dangerous Hardware & Software Vulnerabilities

eSecurity Planet

NOVEMBER 4, 2021

CWE-1191 : On-Chip Debug and Test Interface With Improper Access Control – the debug interface (JTAG) might be used to bypass on-chip protection to extract information. CWE-1277 : Firmware Not Updateable – firmware exploitation exposes the victim to a permanent risk without any possibility to patch weaknesses.

Software

Software Firmware Computers and Electronics Risk

Zyxel warns customers of attacks on its enterprise firewall and VPN devices

Security Affairs

JUNE 24, 2021

The threat actors are targeting the USG, ZyWALL, USG FLEX, ATP, and VPN series running on-premise ZLD firmware. Upon accessing the devices, attackers then bypass authentication and establish SSL VPN tunnels with unknown user accounts (i.e. SecurityAffairs – hacking, Zyxel). Follow me on Twitter: @securityaffairs and Facebook.

VPN

VPN Firewall Firmware Authentication

A bug in ABB Totalflow flow computers exposed oil and gas companies to attack

Security Affairs

NOVEMBER 10, 2022

The industrial automation giant ABB addressed the flaw with the release of firmware updates on July 14, 2022. The researchers initially discovered an authentication bypass issue, then explored the systems looking at functionalities available to authenticated users such as uploading and downloading configuration files.

Firmware

Firmware Authentication Passwords Manufacturing

Experts found 9 NAS flaws that expose LenovoEMC, Iomega Devices to hack

Security Affairs

OCTOBER 3, 2018

A typical attack scenario to gain this information sees attackers to luring an authenticated NAS user by tricking it into visiting a specially crafted malicious website. Lenovo confirmed that firmware versions 4.1.402.34662 and earlier are vulnerable, users have to download firmware version 4.1.404.34716 (or later).

Hacking

Hacking Firmware Advertising Backups

D-Link addressed 5 flaws on some router models, some of them reached EoL

Security Affairs

JULY 25, 2020

The flaws include reflected Cross-Site Scripting (XSS), buffer overflows, bypassing authentication issues, and arbitrary code execution bugs. CVE-2020-15896 :: Link :: DAP-1522 :: Exposed administration function, allowing unauthorized access to the few sensitive information. SecurityAffairs – hacking, D-Link).

Firmware

Firmware Advertising Authentication Hacking

Intel addresses high severity flaw in Processor Diagnostic Tool

Security Affairs

JULY 11, 2019

The vulnerability could be exploited by an attacker with access to the system running the tool to escalate privileges, obtain information, or trigger a denial-of-service ( DoS ) condition. may allow an authenticated user to potentially enable escalation of privilege, information disclosure or denial of service via local access.”

Firmware

Firmware Advertising Authentication Hacking

3.5m IP cameras exposed, with US in the lead

Security Affairs

DECEMBER 14, 2022

All too often, this gives them a false sense of security: when in fact, threat actors can not only access and watch your camera feed but exploit the unsecured device to hack into your network. SecurityAffairs – hacking, IP cameras). Businesses and homeowners increasingly rely on internet protocol (IP) cameras for surveillance.

Surveillance

Surveillance Manufacturing Passwords Internet

Expert found a hardcoded SSH Key in Fortinet SIEM appliances

Security Affairs

JANUARY 20, 2020

Expert found a hardcoded SSH public key in Fortinet ’s Security Information and Event Management FortiSIEM that can allow access to the FortiSIEM Supervisor. . An attacker with this key can successfully authenticate as this user to the FortiSIEM Supervisor.” SecurityAffairs – FortiSIEM, hacking). Pierluigi Paganini.

Authentication

Authentication Firmware Advertising Firewall

Experts share details of five flaws that can be chained to hack Netgear RAX30 Routers

CISA adds D-Link DIR router flaws to its Known Exploited Vulnerabilities catalog

Webinars

Trending Sources

Intel addresses High-Severity flaws in NUC Firmware and other tools

Webinars

Nine flaws in CyberPower and Dataprobe solutions expose data centers to hacking

An RCE in Annke video surveillance product allows hacking the device

NETGEAR fixes a severe bug in its routers. Patch it asap!

How to hack Wincor Cineo ATMs to bypass black-box attack protections and withdraw cash

Zyxel fixed a critical RCE flaw in its firewall devices and urges customers to install the patches

Experts found multiple flaws in AudioCodes desk phones and Zoom’s Zero Touch Provisioning (ZTP)

Chipmaker Qualcomm warns of three actively exploited zero-days

Netgear addresses severe security flaws in 20 of its products

Experts found 15 flaws in Netgear JGS516PE switch, including a critical RCE

Multiple flaws in Netgear Nighthawk R6700v3 router are still unpatched

D-Link fixes two critical flaws in D-View 8 network management suite

Binarly released the free online scanner to detect the CVE-2024-3094 Backdoor

PoC exploit for 2 flaws in Dahua cameras leaked online

KindleDrip exploit – Hacking a Kindle device with a simple email

Zyxel addressed critical flaw CVE-2023-27992 in NAS Devices

Be aware of exposure of sensitive data on Wi-Fi settings for Canon inkjet printers

Dark Mirai botnet spreads targeting RCE on TP-Link routers

D-Link issues beta hotfix for multiple flaws in DIR-3040 routers

HID Mercury Access Controller flaws could allow to unlock Doors

Netgear fixes a critical RCE that could allow to takeover Flagship Nighthawk routers

Zyxel addressed a critical RCE flaw in its NAS devices

CVE-2021-20090 actively exploited to target millions of IoT devices worldwide

Second-ever UEFI rootkit used in North Korea-themed attacks

Cisco EoL SPA112 2-Port Phone Adapters are affected by critical RCE

DRAGONBLOOD flaws allow hacking WPA3 protected WiFi passwords

SonicWall warns of ‘imminent ransomware’ attacks on its EOL products

Multiple flaws in CODESYS V3 SDK could lead to RCE or DoS?

USBAnywhere BMC flaws expose Supermicro servers to hack

TLStorm flaws allow to remotely manipulate the power of millions of enterprise UPS devices

CVE-2019-0090 flaw affects Intel Chips released in the last 5 years

Hacking the Twinkly IoT Christmas lights

10,000+ unpatched ABUS Secvest home alarms can be deactivated remotely

Remote Command Execution and Information disclosure flaws affect dozens of D-Link routers

MITRE, CISA Reveal Dangerous Hardware & Software Vulnerabilities

Zyxel warns customers of attacks on its enterprise firewall and VPN devices

A bug in ABB Totalflow flow computers exposed oil and gas companies to attack

Experts found 9 NAS flaws that expose LenovoEMC, Iomega Devices to hack

D-Link addressed 5 flaws on some router models, some of them reached EoL

Intel addresses high severity flaw in Processor Diagnostic Tool

3.5m IP cameras exposed, with US in the lead

Expert found a hardcoded SSH Key in Fortinet SIEM appliances

Stay Connected