Security Affairs

JUNE 20, 2023

Zyxel released security updates to address a critical security flaw, tracked as CVE-2023-27992 (CVSS score: 9.8), affecting its network-attached storage (NAS) devices. The vulnerability is a pre-authentication command injection issue that impacts the Zyxel NAS326 firmware versions prior to V5.21(AAZF.14)C0,

Firmware 91

Firmware Firewall Authentication VPN 91

Security Affairs

OCTOBER 4, 2023

.” The three critical issues fixed by the chipmaker are: Public ID Security Rating CVSS Rating Technology Area Date Reported CVE-2023-24855 Critical Critical (CVSS Score 9.8) WLAN Firmware Internal CVE-2023-24855 : Use of Out-of-range Pointer Offset in Modem. CVE-2023-28540 : Improper Authentication in Data Modem.

Firmware 101

Firmware Surveillance Authentication Manufacturing 101

Security Affairs

AUGUST 14, 2023

The procedures allow administrators to provide device information such as server addresses, account information, and firmware updates. The server is used to provide configurations and firmware updates to the devices. In this scenario, an attacker can act as a rogue server and distribute malicious firmware.

Firmware 90

Firmware Authentication Passwords Hacking 90

Security Affairs

AUGUST 7, 2021

Threat actors are actively exploiting a critical authentication bypass issue (CVE-2021-20090 ) affecting home routers with Arcadyan firmware. Threat actors actively exploit a critical authentication bypass vulnerability, tracked as CVE-2021-20090 , impacting home routers with Arcadyan firmware to deploy a Mirai bot.

IoT 143

IoT Firmware Authentication Wireless 143

Security Affairs

MARCH 8, 2020

Netgear has addressed a critical remote code execution vulnerability that could be exploited by an unauthenticated attacker to take over AC Router Nighthawk (R7800) hardware running firmware versions prior to 1.0.2.68. NETGEAR strongly recommends that you download the latest firmware as soon as possible.”

Firmware 117

Firmware Wireless Advertising Authentication 117

Security Affairs

MAY 11, 2023

. “NETGEAR strongly recommends that you download the latest firmware as soon as possible.” ” The vendor addressed the issues in April 2023 with the release of firmware version 1.0.10.94 The remaining ones are authentication bypass and command injection flaws. for the RAX30 router family. We are in the final!

Hacking 96

Hacking Firmware Authentication DNS 96

Security Affairs

OCTOBER 7, 2021

A proof of concept exploit for two authentication bypass vulnerabilities in Dahua cameras is available online, users are recommended to immediately apply updates. “The identity authentication bypass vulnerability found in some Dahua products during the login process. Follow me on Twitter: @securityaffairs and Facebook.

Authentication 128

Authentication Firmware Hacking Engineering 128

Security Affairs

MAY 4, 2023

In order to exploit the flaw, an attacker has to upgrade an affected device to a crafted version of the firmware. “This vulnerability is due to a missing authentication process within the firmware upgrade function.” “Cisco has not released firmware updates to address this vulnerability.

Firmware 86

Firmware Education Media Authentication 86

Security Affairs

JULY 15, 2021

. “Through the course of collaboration with trusted third parties, SonicWall has been made aware of threat actors actively targeting Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products running unpatched and end-of-life (EOL) 8.x x firmware in an imminent ransomware campaign using stolen credentials.”

Firmware 109

Firmware Ransomware Passwords Mobile 109

Security Affairs

DECEMBER 9, 2021

. “The PING function on the TP-Link TL-WR840N EU v5 router with firmware through TL-WR840N(EU)_V5_171211 is vulnerable to remote code execution via a crafted payload in an IP address input field.” TP-Link addressed the flaw on November 12, 2021 with the release of the firmware update TL-WR840N(EU)_V5_211109.

Firmware 143

Firmware Architecture Malware Hacking 143

Security Affairs

DECEMBER 31, 2021

Researchers discovered multiple high-risk vulnerabilities affecting the latest firmware version for the Netgear Nighthawk R6700v3 router. Researchers from Tenable have discovered multiple vulnerabilities in the latest firmware version (version 1.0.4.120) of the popular Netgear Nighthawk R6700v3 WiFi router. ” states Tenable.

Firmware 125

Firmware Encryption Authentication Passwords 125

Security Affairs

MARCH 7, 2020

The CVE-2019-0090 vulnerability affects the firmware running on the ROM of the Intel’s Converged Security and Management Engine (CSME). Intel CSME is responsible for initial authentication of Intel-based systems by loading and verifying all other firmware for modern platforms.” x, SPS_E3_05.00.04.027.0.

Firmware 129

Firmware Technology Advertising Authentication 129

Security Affairs

JULY 17, 2021

Network equipment vendor D-Link has released a firmware hotfix to fix multiple vulnerabilities in the DIR-3040 AC3000-based wireless internet router. Network equipment vendor D-Link has released a firmware hotfix to address multiple vulnerabilities affecting the DIR-3040 AC3000-based wireless internet router. ” states the vendor.

Firmware 117

Firmware Wireless Passwords Internet 117

Security Affairs

SEPTEMBER 7, 2022

flaw is classified as a format string vulnerability that resides in Zyxel NAS326 firmware versions prior to V5.21(AAZF.12)C0. Below is the list of affected models and the firmware patches released by the company. Zyxel addressed a critical vulnerability, tracked as CVE-2022-34747 , impacting its network-attached storage (NAS) devices.

Firewall 85

Firewall Firmware Authentication VPN 85

Security Affairs

MARCH 9, 2022

Two of the TLStorm vulnerabilities reside in the TLS implementation used by Cloud-connected Smart-UPS devices, while the third one is a design flaw in the firmware upgrade process of Smart-UPS devices. The researchers discovered that the firmware upgrades are not properly signed and validated.

Firmware 94

Firmware IoT Authentication Backups 94

Security Affairs

JUNE 12, 2022

By using the manufacturer’s built-in ports, we were able to manipulate on-board components and interact with the device.Combining both known and novel techniques, we were able to achieve root access to the device’s operating system and pull its firmware for emulation and vulnerability discovery.” Overall 4.8. Overall 4.8.

Firmware 88

Firmware Penetration Testing Manufacturing Authentication 88

Security Affairs

DECEMBER 15, 2020

The CVE-2020-25183 is an improper authentication issue that could be exploited by an attacker to bypass the authentication between the MCL Smart Patient Reader and the Medtronic MyCareLink Smart mobile app. The flaw could be exploited by an attacker to remotely execute code taking over the device. ” states the advisory.

Firmware 101

Firmware Authentication Mobile IoT 101

Security Affairs

NOVEMBER 1, 2021

An attacker with access to the dispenser controller’s USB port can install an outdated or modified firmware version to bypass the encryption and make cash withdrawals. ” explained Vladimir Kononovich, Senior Specialist of ICS Security at Positive Technologies. Both issues received a CVSSv3.0 score of 6.8.

Hacking 116

Hacking Firmware Encryption Manufacturing 116

Security Affairs

JUNE 24, 2021

The threat actors are targeting the USG, ZyWALL, USG FLEX, ATP, and VPN series running on-premise ZLD firmware. Upon accessing the devices, attackers then bypass authentication and establish SSL VPN tunnels with unknown user accounts (i.e. The company states that devices running the Nebula cloud management mode are not impacted.

VPN 111

VPN Firewall Firmware Authentication 111

Security Affairs

OCTOBER 5, 2020

The experts were investigating several suspicious UEFI firmware images when discovered four components, some of which were borrowing the source code a Hacking Team spyware. The firmware malware is based on code associated with HackingTeam’s VectorEDK bootkit, with minor changes. ” concludes the report.

Firmware 129

Firmware Spyware Surveillance Hacking 129

Security Affairs

AUGUST 13, 2023

The experts pointed out that the exploiting the vulnerabilities requires user authentication, as well as deep knowledge of the proprietary protocol of CODESYS V3 and the structure of the different services that the protocol uses. Check with the device manufacturers for available patches and update the device firmware to version to 3.5.19.0

Authentication 90

Authentication Firmware Hacking Passwords 90

Security Affairs

AUGUST 1, 2023

Set up strong authentication mechanisms, such as complex passwords or use multi-factor authentication (MFA) for printer access. Keep the printer’s firmware and software up to date and disable unnecessary services or protocols on the printer that are not required for its intended function.

Wireless 95

Wireless Firmware Passwords Authentication 95

Security Affairs

NOVEMBER 10, 2022

The industrial automation giant ABB addressed the flaw with the release of firmware updates on July 14, 2022. The researchers initially discovered an authentication bypass issue, then explored the systems looking at functionalities available to authenticated users such as uploading and downloading configuration files.

Firmware 131

Firmware Authentication Passwords Manufacturing 131

Security Affairs

DECEMBER 14, 2022

While the default security settings have improved over the review period, some popular brands either offer default passwords or no authentication, meaning anyone can spy on the spies. It is worrying that all analyzed brands have at least some models that allow users to keep default passwords or have no authentication setup whatsoever.

Surveillance 130

Surveillance Manufacturing Passwords Internet 130

Security Affairs

DECEMBER 12, 2020

“Incorrect permissions are set by default for an API entry-point of a specific service, allowing a non-authenticated user to trigger a function that could reboot the device remotely.” ” reads the security advisory published by CISA. Update the firmware on CompactRIO controllers to v8.5

Firmware 88

Firmware Manufacturing Software Authentication 88

Security Affairs

APRIL 25, 2021

“The ABUS Secvest wireless alarm system FUAA50000 (v3.01.17) fails to properly authenticate some requests to its built-in HTTPS interface. Someone can use this vulnerability to obtain sensitive information from the system, such as usernames and passwords. ” states the report published by Eye security.

Firmware 111

Firmware Passwords Authentication Wireless 111

SiteLock

AUGUST 27, 2021

Up next, Black Hat, one of the world’s largest information security conferences, took place in early August 2018 in Sin City. The conference held many briefings on politics, legislation, and Machine Learning (ML) and Artificial Intelligence (AI) in cybersecurity, as well as the challenge of endpoint security for many IoT devices.

Small Business 98

Small Business Artificial Intelligence Firmware IoT 98

Security Affairs

AUGUST 13, 2023

CVE-2023-3266: Improperly Implemented Security Check for Standard (Auth Bypass; CVSS 7.5) CVE-2023-3267: OS Command Injection (Authenticated RCE; CVSS 7.5) CVE-2023-3260: OS Command Injection (Authenticated RCE; CVSS 7.2) CVE-2023-3263: Authentication Bypass by Alternate Name (Auth Bypass; CVSS 7.5)

Hacking 88

Hacking Firmware Authentication Software 88

Security Affairs

SEPTEMBER 2, 2021

As of today, the researchers discovered 16 security vulnerabilities, with 20 common vulnerability exposures (CVEs) already assigned and four vulnerabilities are pending CVE assignment from Intel and Qualcomm. Crashes generally trigger a fatal assertion, segmentation faults due to a buffer or heap overflow within the SoC firmware.

Firmware 90

Firmware Manufacturing IoT Technology 90

Security Affairs

AUGUST 27, 2021

This information is being shared as part of a coordinated disclosure with ICS-CERT, which published advisory ICSA-21-238-02 , and with the vendor, Annke, which has released firmware that fixes the issue.” ” reads the security advisory published by Nozomi Networks Labs. The mainboard of the Annke N48PBB.

Surveillance 100

Surveillance Hacking Firmware Manufacturing 100

Security Affairs

JULY 11, 2019

” reads the security advisory. may allow an authenticated user to potentially enable escalation of privilege, information disclosure or denial of service via local access.” The flaw has been classified as “medium severity,” it affects firmware versions prior to SCV10150.

Firmware 78

Firmware Advertising Authentication Hacking 78

Security Affairs

JULY 10, 2020

The backdoor accounts in the firmware of 29 FTTH Optical Line Termination (OLT) devices from popular vendor C-Data. The security duo, composed of Pierre Kim and Alexandre Torres, disclosed seven vulnerabilities in the firmware of FTTH OLT devices manufactured by C-Data. ” reads the analysis published by the experts.

Firmware 98

Firmware Accountability Advertising Manufacturing 98

Security Affairs

SEPTEMBER 8, 2020

“The authentication function contains undocumented code which provides the ability to authenticate as root without having to know the actual root password. An adversary with the private key can remotely authenticate to the management interface as root.” ” reads the advisory published by the expert.

Firmware 88

Firmware Wireless Authentication Advertising 88

Security Affairs

DECEMBER 8, 2021

This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances firmware 10.2.0.8-37sv, Rapid7 SMA-3204 Authenticated Command Injection CVE-2021-20039 7.2 NCCGroup SMA-3233 Post-Authentication Remote Command Execution CVE-2021-20044 7.2 Rapid7 SMA-3204 Authenticated Command Injection CVE-2021-20039 7.2

Authentication 115

Authentication Firmware Hacking Information Security 115

Security Affairs

JULY 3, 2023

For this reason, if the customer has SSL-VPN enabled, Fortinet is advising customers to take immediate action to upgrade to the most recent firmware release. The vulnerability was reported to Fortinet by the researcher Charles Fol and Dany Bach ( DDXhunter ) from Lexfo Security. states the report published by Fortinet.

Firewall 85

Firewall VPN Firmware Internet 85

Security Affairs

JULY 25, 2020

Unfortunately, some of the impacted models have reached their End-of-Support (“EOS”)/ End-of-Life (“EOL”) date, which means they wouldn’t receive security updates to fix the issues. B09 (and below) will receive no security updates remaining vulnerable.

Firmware 100

Firmware Advertising Authentication Hacking 100

Security Affairs

JULY 1, 2020

Four of flaws have been rated high severity , they can be exploited by an unauthenticated attacker with network access to the vulnerable Netgear device to execute arbitrary code with admin or root privileges, and to bypass authentication. Authentication is not required to exploit this vulnerability.” ” states the CERT/CC.

Authentication 130

Authentication Firmware Hacking Mobile 130