Digital Guardian

AUGUST 9, 2021

A vulnerability found in some routers and modems could make the devices vulnerable to authentication bypass and in turn, allow attackers access to sensitive information.

Authentication 105

Authentication Firmware 105

Threatpost

FEBRUARY 18, 2020

A lack of proper code-signing verification and authentication for firmware updates opens the door to information disclosure, remote code execution, denial of service and more.

Firmware 114

Firmware Authentication 114

Security Affairs

JANUARY 16, 2025

The researchers found that the botnet comprises MikroTik routers with various firmware versions, including recent ones. The botnet uses compromised MikroTik devices as SOCKS proxies, masking malicious traffic origins and enabling other actors to exploit them without authentication, amplifying its scale.

DNS 139

DNS Malware Firmware Authentication 139

Schneier on Security

NOVEMBER 15, 2019

In particular, we discovered timing leakage on an Intel firmware-based TPM as well as a hardware TPM. We show how this information allows an attacker to apply lattice techniques to recover 256-bit private keys for ECDSA and ECSchnorr signatures. Intel has a firmware update. Attack website. News articles. Boing Boing post.

Firmware 250

Firmware Authentication Manufacturing 250

Security Affairs

DECEMBER 3, 2024

The ‘Bootkitty’ Linux UEFI bootkit exploits the LogoFAIL flaws (CVE-2023-40238) to target systems using vulnerable firmware. The bootkit hooks UEFI authentication functions to bypass the Secure Boot mechanism and patches GRUB boot loader functions to evade additional integrity verifications.

Firmware 108

Firmware Manufacturing Malware Authentication 108

Security Affairs

AUGUST 18, 2019

Intel released security updates to address high-severity vulnerabilities in NUC firmware, the Processor Identification Utility, and the Computing Improvement Program. Intel Patch Tuesday for August 2019 addressed high-severity vulnerabilities in NUC firmware, Processor Identification Utility, and Computing Improvement Program.

Firmware 110

Firmware Authentication Advertising Hacking 110

Security Affairs

JUNE 16, 2024

Taiwanese manufacturer giant ASUS addressed a critical remote authentication bypass vulnerability impacting several router models. ASUS addresses a critical remote authentication bypass vulnerability, tracked as CVE-2024-3080 (CVSS v3.1 score: 9.8), impacting seven router models. impacting multiple devices.

Authentication 132

Authentication Firmware Manufacturing VPN 132

Security Affairs

FEBRUARY 18, 2025

Xerox VersaLink C7025 Multifunction printer flaws could allow attackers to capture authentication credentials via pass-back attacks via LDAP and SMB/FTP services. ” Organizations using Xerox VersaLink C7025 Multifunction printers should update to the latest firmware. . and earlier. ” reads the report published by Rapid7.

Firmware 67

Firmware Authentication Accountability Passwords 67

Troy Hunt

NOVEMBER 25, 2020

I also looked at custom firmware and soldering and why, to my mind, that was a path I didn't need to go down at this time. If this data was compromised, it could potentially expose a huge amount of very personal information about their owners, information that never existed in digital form before the advent of IoT. Or vibrator.

IoT 363

IoT Firmware Risk Encryption 363

Penetration Testing

JUNE 17, 2025

The WAGO Device Manager is a configuration tool embedded in the firmware of WAGO’s industrial control systems (ICS). By crafting malicious scripts hosted on attacker-controlled domains, threat actors could silently exfiltrate system data without triggering standard authentication safeguards. respectively.

Firmware 62

Firmware Penetration Testing Manufacturing Advertising 62

Security Affairs

NOVEMBER 25, 2024

According to the advisory, the attack is only possible if the device is configured to use User-Based-PSK authentication and has a valid user with a username longer than 28 characters. ” The vendor addressed these vulnerabilities with the release of firmware version 5.39 ” reads the advisory published by the vendor.

Firewall 76

Firewall Ransomware VPN Firmware 76

Security Affairs

JANUARY 24, 2025

The vulnerability is a Pre-authentication deserialization of untrusted data issue in the SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC) that has been likely exploited in attacks in the wild as a zero-day. is used by the appliance to track session information, including hashed credentials.

Firmware 74

Firmware Malware Authentication Mobile 74

SC Magazine

FEBRUARY 3, 2021

x firmware. x firmware, which malicious actors exploited in a cyberattack against the infosec firm last month. . SonicWall’s firmware update to version 10.2.0.5-29sv The post SonicWall issues firmware patch after attackers exploited critical bugs appeared first on SC Media. SonicWall). 31 and Feb.

Firmware 95

Firmware Mobile InfoSec Firewall 95

Security Affairs

JANUARY 19, 2025

Claroty researchers disclosed three vulnerabilities in Planet WGS-804HPT industrial switches that could be chained to achieve pre-authentication remote code execution on vulnerable devices. ” The firmware analysis performed by the experts revealed vulnerabilities in the dispatcher.cgi interface of WGS-804HPT switches’ web service.

Firmware 71

Firmware IoT Wireless Surveillance 71

Malwarebytes

MARCH 10, 2023

The malware was likely deployed in 2021, and was able to persist on the appliances tenaciously, even surviving firmware upgrades. It offers a combined single-sign-on (SSO) web portal to authenticate users, so intercepting user credentials would give an attacker that is after sensitive information a huge advantage.

Firmware 98

Firmware Malware Encryption Authentication 98

Security Affairs

MARCH 14, 2021

Netgear has released security and firmware updates for its JGS516PE Ethernet switch to address 15 vulnerabilities, including a critica remote code execution issue. “The switch internal management web application in firmware versions prior to 2.6.0.43 ” reads the advisory published by NCC Group.”

Firmware 143

Firmware Authentication Hacking Software 143

Security Affairs

DECEMBER 30, 2024

“At least firmware version 2.0 allows authenticated and remote attackers to execute arbitrary OS commands over HTTP when modifying the system time via apply.cgi.” ” VulnCheck researchers reported that authenticated attackers exploited default router credentials to execute unauthenticated remote command injections.

Firmware 66

Firmware Authentication Hacking Cybersecurity 66

Security Affairs

SEPTEMBER 6, 2021

Netgear has released firmware updates to address high-severity vulnerabilities in more than a dozen of its smart switches used on businesses. The flaws affected multiple products including the following smart switches, below is the list of the impacted devices and related firmware fixes: GC108P fixed in firmware version 1.0.8.2

Firmware 130

Firmware Authentication Passwords Hacking 130

Security Affairs

FEBRUARY 12, 2025

CVE-2024-40891 is very similar to CVE-2024-40890 ( observed authentication attempts , observed command injection attempts ), with the main difference being that the former is telnet-based while the latter is HTTP-based. reads the advisory published by GreyNoise. 4)C0_20170615.

Authentication 73

Authentication Firmware Cybersecurity Hacking 73

Security Affairs

MARCH 8, 2020

Netgear has addressed a critical remote code execution vulnerability that could be exploited by an unauthenticated attacker to take over AC Router Nighthawk (R7800) hardware running firmware versions prior to 1.0.2.68. NETGEAR strongly recommends that you download the latest firmware as soon as possible.”

Firmware 144

Firmware Wireless Advertising Authentication 144

Security Affairs

DECEMBER 31, 2021

Researchers discovered multiple high-risk vulnerabilities affecting the latest firmware version for the Netgear Nighthawk R6700v3 router. Researchers from Tenable have discovered multiple vulnerabilities in the latest firmware version (version 1.0.4.120) of the popular Netgear Nighthawk R6700v3 WiFi router. Vendor supplies information.

Firmware 144

Firmware Encryption Authentication Passwords 144

Security Affairs

MAY 1, 2025

A remote authenticated attacker with administrative privilege can exploit the flaw to inject arbitrary commands as a ‘nobody’ user, potentially leading to OS Command Injection Vulnerability. SMA100 devices updated with the fixed firmware version 10.2.1.14-75sv

Firmware 69

Firmware Mobile Authentication VPN 69

Security Affairs

JULY 1, 2021

Microsoft experts have disclosed a series of vulnerabilities in the firmware of Netgear routers which could lead to data leaks and full system takeover. “In our research, we unpacked the router firmware and found three vulnerabilities that can be reliably exploited.” html) and the firmware image itself (.chk

Firmware 141

Firmware Authentication Encryption Passwords 141

Security Affairs

MARCH 7, 2020

The CVE-2019-0090 vulnerability affects the firmware running on the ROM of the Intel’s Converged Security and Management Engine (CSME). Intel CSME is responsible for initial authentication of Intel-based systems by loading and verifying all other firmware for modern platforms.” x, SPS_E3_05.00.04.027.0.

Firmware 145

Firmware Technology Advertising Authentication 145

Security Affairs

JULY 17, 2021

Network equipment vendor D-Link has released a firmware hotfix to fix multiple vulnerabilities in the DIR-3040 AC3000-based wireless internet router. Network equipment vendor D-Link has released a firmware hotfix to address multiple vulnerabilities affecting the DIR-3040 AC3000-based wireless internet router. ” states the vendor.

Firmware 131

Firmware Wireless Passwords Internet 131

eSecurity Planet

MARCH 17, 2025

The Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with the Federal Bureau of Investigation (FBI) and the Multi-State Information Sharing and Analysis Center (MS-ISAC), has released a joint cybersecurity advisory warning organizations about the escalating threat posed by the Medusa ransomware.

Ransomware 71

Ransomware Backups Firmware Insurance 71

Security Affairs

OCTOBER 7, 2021

A proof of concept exploit for two authentication bypass vulnerabilities in Dahua cameras is available online, users are recommended to immediately apply updates. “The identity authentication bypass vulnerability found in some Dahua products during the login process. Follow me on Twitter: @securityaffairs and Facebook.

Authentication 145

Authentication Firmware Hacking Engineering 145

Security Affairs

JULY 25, 2020

The flaws include reflected Cross-Site Scripting (XSS), buffer overflows, bypassing authentication issues, and arbitrary code execution bugs. CVE-2020-15896 :: Link :: DAP-1522 :: Exposed administration function, allowing unauthorized access to the few sensitive information.

Firmware 140

Firmware Advertising Authentication Hacking 140

Security Affairs

AUGUST 7, 2021

Threat actors are actively exploiting a critical authentication bypass issue (CVE-2021-20090 ) affecting home routers with Arcadyan firmware. Threat actors actively exploit a critical authentication bypass vulnerability, tracked as CVE-2021-20090 , impacting home routers with Arcadyan firmware to deploy a Mirai bot.

IoT 145

IoT Firmware Authentication Wireless 145

Security Affairs

JULY 11, 2019

The vulnerability could be exploited by an attacker with access to the system running the tool to escalate privileges, obtain information, or trigger a denial-of-service ( DoS ) condition. may allow an authenticated user to potentially enable escalation of privilege, information disclosure or denial of service via local access.”

Firmware 109

Firmware Advertising Authentication Hacking 109

Security Affairs

DECEMBER 15, 2020

The CVE-2020-25183 is an improper authentication issue that could be exploited by an attacker to bypass the authentication between the MCL Smart Patient Reader and the Medtronic MyCareLink Smart mobile app. The flaw could be exploited by an attacker to remotely execute code taking over the device. ” states the advisory.

Firmware 140

Firmware Authentication Mobile IoT 140

Security Affairs

MAY 2, 2025

A remote authenticated attacker with administrative privilege can exploit the flaw to inject arbitrary commands as a nobody user, potentially leading to OS Command Injection Vulnerability. SMA100 devices updated with the fixed firmware version 10.2.1.14-75sv

Firmware 71

Firmware Authentication VPN Mobile 71

Security Affairs

JANUARY 29, 2025

In mid-July 2024, Mitel addressed the vulnerability with the release of firmware updates. The vendor warned that the exploitation of the flaw could allow an authenticated attacker with administrative privilege to conduct a command injection attack due to insufficient parameter sanitization during the boot process. . HF1 (R6.4.0.136).

DDOS 69

DDOS Firmware Malware Firewall 69

Daniel Miessler

MAY 14, 2020

Keep your firmware and software updated. Enable two-factor authentication on all critical accounts. For your most important accounts—such as those controlling your email account, your bank, and your mobile phone account—you should enable two-factor authentication. Everything. Setting up Google 2FA.

Risk 345

Risk Password Management Passwords Accountability 345

Security Affairs

DECEMBER 30, 2022

The vendor only said that the flaw is a pre-authentication buffer overflow vulnerability and urged customers to address the firmware of their devices as soon as possible. “NETGEAR has released fixes for a pre-authentication buffer overflow security vulnerability” reads the advisory published by the company.

Firmware 98

Firmware Wireless Authentication Hacking 98

Security Affairs

NOVEMBER 27, 2024

ESET discovered the first Unified Extensible Firmware Interface (UEFI) bootkit specifically designed for Linux systems, named Bootkitty. The bootkit hooks UEFI authentication functions to bypass the Secure Boot mechanism and patches GRUB boot loader functions to evade additional integrity verifications. ” concludes the report.

Firmware 64

Firmware Authentication Malware Hacking 64

Security Affairs

OCTOBER 4, 2023

Please contact your device manufacturer for more information on the patch status about specific devices.” WLAN Firmware Internal CVE-2023-24855 : Use of Out-of-range Pointer Offset in Modem. .” WLAN Firmware Internal CVE-2023-24855 : Use of Out-of-range Pointer Offset in Modem. ” reads the advisory.

Firmware 127

Firmware Surveillance Authentication Manufacturing 127