Security Affairs

NOVEMBER 2, 2024

Sophos used custom implants to monitor China-linked thret actors targeting firewall zero-days in a years-long battle. Improved operational security, including disrupting firewall telemetry to hinder detection and minimize their digital footprint. ” concludes the report.

Firmware 123

Firmware Government Firewall Malware 123

Security Affairs

AUGUST 26, 2024

SonicWall addressed a critical flaw in its firewalls that could allow attackers to achieve unauthorized access to the devices. SonicWall has released security updates to address a critical vulnerability, tracked as CVE-2024-40766 (CVSS score: 9.3), in its firewalls. However SonicWall recommends youinstall the latest firmware. .

Firewall 127

Firewall Firmware Malware Internet 127

Security Affairs

JANUARY 15, 2024

Researchers from Bishop Fox found over 178,000 SonicWall next-generation firewalls (NGFW) publicly exploitable. Researchers from Bishop Fox used BinaryEdge source data to find SonicWall firewalls with management interfaces exposed to the internet.

Firewall 144

Firewall Hacking Firmware Internet 144

Security Affairs

JUNE 24, 2021

Networking equipment giant Zyxel warns customers of a series of attacks that have been targeting some of its enterprise firewall and VPN devices. Networking equipment vendor Zyxel warned its customers of a series of attacks that have been targeting some of its enterprise firewall and VPN server solutions. Pierluigi Paganini.

VPN 144

VPN Firewall Firmware Authentication 144

Security Affairs

DECEMBER 19, 2024

To mitigate the exposure to these threats, users are recommended to change default credentials, use strong passwords, review access logs, employ firewalls and IDS/IPS, and keep firmware up-to-date. Use Firewalls and IDS/IPS : Employ firewalls to block unauthorized access and intrusion detection systems to monitor network behavior.

DDOS 67

DDOS Firmware Firewall Passwords 67

Troy Hunt

NOVEMBER 25, 2020

I also looked at custom firmware and soldering and why, to my mind, that was a path I didn't need to go down at this time. If this data was compromised, it could potentially expose a huge amount of very personal information about their owners, information that never existed in digital form before the advent of IoT. Or vibrator.

IoT 363

IoT Firmware Risk Manufacturing 363

Security Affairs

APRIL 28, 2023

A vulnerability impacting Zyxel firewalls, tracked as CVE-2023-28771, can be exploited to execute arbitary code on vulnerable devices. Researchers from TRAPA Security have discovered a critical remote code execution vulnerability, tracked as CVE-2023-28771 (CVSS score 9.8), impacting Zyxel Firewall. through 5.35. through 5.35.

Firewall 98

Firewall Firmware VPN Authentication 98

eSecurity Planet

DECEMBER 10, 2023

Firewalls monitor and control incoming and outgoing traffic while also preventing unauthorized access. Overlapping rules may impair firewall efficiency or expose flaws that allow attackers to circumvent regulations. Choose a centralized platform that is interoperable with several firewall suppliers.

Firewall 120

Firewall Network Security Backups Education 120

eSecurity Planet

JANUARY 16, 2024

Keep an eye out for security announcements from your firewall vendors; it’s possible additional similar vulnerabilities will come to light. The problem: Juniper Networks released a bulletin about a remote code execution vulnerability in its SRX firewalls and EX switches. This vulnerability is tracked as CVE-2024-21591.

Firewall 109

Firewall Firmware IoT Authentication 109

Security Affairs

JUNE 1, 2023

Threat actors are actively exploiting a command injection flaw, tracked as CVE-2023-28771, in Zyxel firewalls to install malware. Threat actors are actively attempting to exploit a command injection vulnerability, tracked as CVE-2023-28771 , that impacts Zyxel firewalls. in its firewall devices. USG FLEX ZLD V4.60 VPN ZLD V4.60

Firewall 98

Firewall Firmware VPN DDOS 98

SC Magazine

FEBRUARY 3, 2021

x firmware. x firmware, which malicious actors exploited in a cyberattack against the infosec firm last month. . SonicWall’s firmware update to version 10.2.0.5-29sv The post SonicWall issues firmware patch after attackers exploited critical bugs appeared first on SC Media. SonicWall). 31 and Feb.

Firmware 95

Firmware Mobile InfoSec Firewall 95

eSecurity Planet

FEBRUARY 21, 2024

A firewall audit is a procedure for reviewing and reconfiguring firewalls as needed so they still suit your organization’s security goals. Auditing your firewall is one of the most important steps to ensuring it’s still equipped to protect the perimeter of your business’ network.

Firewall 113

Firewall Firmware Software Risk 113

Security Affairs

MAY 13, 2022

Zyxel addressed a critical flaw affecting Zyxel firewall devices that allows unauthenticated, remote attackers to gain arbitrary code execution. affecting Zyxel firewall devices that enables unauthenticated and remote attackers to gain arbitrary code execution as the “nobody” user. Commands are executed as the nobody user.”

Firewall 98

Firewall Firmware VPN Wireless 98

Penetration Testing

JUNE 15, 2025

The flaws, tracked as CVE-2025-45984 through CVE-2025-45988, affect a wide range of firmware versions used in both consumer and enterprise-grade networking equipment. Shared Affected Codebase: Each flaw targets the same goahead binary and associated shared object, amplifying the impact across models and firmware versions.

Firmware 64

Firmware DNS Penetration Testing Advertising 64

Krebs on Security

JUNE 25, 2021

The My Book Live and My Book Live Duo devices received its final firmware update in 2015. We are actively investigating the issue and will provide an updated advisory when we have more information.” . “In some cases, this compromise has led to a factory reset that appears to erase all data on the device.

Internet 334

Internet Internet Backups Small Business 334

Security Affairs

DECEMBER 3, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds ProjectSend, North Grid Proself, and Zyxel firewalls bugs to its Known Exploited Vulnerabilities catalog. Attackers can use malformed XML requests to access arbitrary server files containing account information. appears to have been exploited by attackers in the wild.

Firewall 114

Firewall Authentication Accountability Firmware 114

Security Affairs

NOVEMBER 14, 2023

The attackers exploited zero-day vulnerabilities in Zyxel firewalls used by many critical infrastructure operators in Denmark. On April 25, 2023, Zyxel disclosed a critical vulnerability (CVSS score 9.8), tracked as CVE-2023-28771 , in a number of their firewalls. through 4.73, VPN series firmware versions 4.60 through 5.35.

Cyber Attacks 140

Cyber Attacks Firmware Firewall VPN 140

Security Affairs

JANUARY 14, 2024

The attackers exploited zero-day vulnerabilities in Zyxel firewalls used by many critical infrastructure operators in Denmark. On April 25, 2023, Zyxel disclosed a critical vulnerability (CVSS score 9.8), tracked as CVE-2023-28771 , in a number of their firewalls. through 4.73, VPN series firmware versions 4.60 through 5.35.

Firewall 137

Firewall Firmware Cyber Attacks VPN 137

Security Affairs

JULY 3, 2023

Researchers reported that there are 490,000 Fortinet firewalls exposing SSL VPN interfaces on the internet, and roughly 69% of them are still vulnerable to CVE-2023-27997. For this reason, if the customer has SSL-VPN enabled, Fortinet is advising customers to take immediate action to upgrade to the most recent firmware release.

Firewall 98

Firewall VPN Firmware Internet 98

Security Affairs

MAY 17, 2022

US Critical Infrastructure Security Agency (CISA) adds critical CVE-2022-30525 RCE flaw in Zyxel Firewalls to its Known Exploited Vulnerabilities Catalog. affecting Zyxel firewall devices that enables unauthenticated and remote attackers to gain arbitrary code execution as the “nobody” user. Commands are executed as the nobody user.”

Firewall 98

Firewall VPN Firmware Internet 98

SecureWorld News

JUNE 9, 2025

The onboard router that serves crew and passengers has been identified as one of the top cyber vulnerabilities , particularly if administrators neglect routine password changes and firmware updates. million passengers —including passport details, birth dates, frequent-flier numbers, phone numbers, and credit card information.

Cybersecurity 117

Cybersecurity Social Engineering Computers and Electronics Risk 117

Security Affairs

JANUARY 29, 2025

In mid-July 2024, Mitel addressed the vulnerability with the release of firmware updates. “In his GitHub README, Burns reported that he found that the Mitel 6869i SIP phone, firmware version 6.3.0.1020, failed to sanitize user-supplied input properly, and he found multiple endpoints vulnerable to this. HF1 (R6.4.0.136).

DDOS 69

DDOS Firmware Malware Firewall 69

Pen Test Partners

MAY 21, 2025

Host-based Firewall Its not uncommon to find host-based firewalls to be missing or disabled, particularly for Windows hosts and Embedded Systems. Even when a host firewall is enabled, overly permissive firewall rules often allow unintended network access.

Firewall 52

Firewall Firmware Engineering Penetration Testing 52

DoublePulsar

JANUARY 15, 2025

Having a full device config including all firewall rules is a lot of information. If you are in scope, may need to change device credentials and assess risk of firewall rules being publicly available. The outlier device appears to have a pre-production version of firmware 7.2.2, Somebody just released them.

Firewall 81

Firewall VPN Passwords Firmware 81

Security Affairs

JUNE 13, 2023

“For this reason, if the customer has SSL-VPN enabled, Fortinet is advising customers to take immediate action to upgrade to the most recent firmware release. BleepingComputer reported that searching for Fortigate firewalls exposed online there are more than 250K installs worldwide , most of them in the US. through 6.2.13

Firewall 98

Firewall VPN Firmware Manufacturing 98

Hacker Combat

SEPTEMBER 22, 2022

Customers can access their devices through the web using this cloud platform without directly exposing them to the internet, allowing them to keep the devices hidden behind a firewall or network address translation (NAT) router. The vendor has released firmware version 1.42.06162022 to address the problem.

Firmware 130

Firmware Firewall Manufacturing Internet 130

Malwarebytes

FEBRUARY 24, 2022

According to WatchGuard , Cyclops Blink may have affected approximately 1% of active firewall appliances, which are devices mainly used by business customers. Cyclops Blink has been found in WatchGuard’s firewall devices since at least June 2019. Mitigation and detection.

Malware 145

Malware Firewall Firmware DDOS 145

Security Affairs

SEPTEMBER 6, 2024

. “An improper access control vulnerability has been identified in the SonicWall SonicOS management access and SSLVPN, potentially leading to unauthorized resource access and in specific conditions, causing the firewall to crash.” However SonicWall recommends youinstall the latest firmware. 5035 and older versions.

Firewall 128

Firewall Passwords Internet Internet 128

Security Affairs

SEPTEMBER 7, 2022

flaw is classified as a format string vulnerability that resides in Zyxel NAS326 firmware versions prior to V5.21(AAZF.12)C0. Below is the list of affected models and the firmware patches released by the company. Zyxel addressed a critical vulnerability, tracked as CVE-2022-34747 , impacting its network-attached storage (NAS) devices.

Firewall 104

Firewall Firmware Authentication VPN 104

Security Affairs

JANUARY 6, 2021

The Taiwanese vendor Zyxel has recently addressed a critical vulnerability in its firmware, tracked as CVE-2020-29583 , related to the presence of a hardcoded undocumented secret account. Firmware version 4.60 The password for this account can be found in cleartext in the firmware.” reads the advisory published by NIST.

Firmware 127

Firmware Passwords Accountability Firewall 127

Malwarebytes

AUGUST 1, 2022

This web server is present in Arris firmware which can be found in several router models. Unfortunately the Arris firmware is based on the vulnerable version of muhttpd. Configuration information including the TR-069 protocol in use by an internet service provider (ISP). Port forwarding configuration information.

Firmware 145

Firmware Internet Internet Passwords 145

Security Affairs

SEPTEMBER 9, 2019

A DoS attack that caused disruptions at a power utility in the United States exploited a flaw in a firewall used in the facility. The incident took place earlier this year, threat actors exploited a known vulnerability in a firewall used by the affected facility to cause disruption. and 7 p.m., power grid ( Energywire , April 30). .

Energy and Utilities 108

Energy and Utilities Firewall Firmware Advertising 108

Security Affairs

OCTOBER 5, 2020

Unlike other IoT DDoS botnets, Ttint implements 12 remote access functions such as Socket5 proxy for router devices, tampering with router firewall and DNS settings, executing remote custom system commands. According to the experts, Tenda routers running a firmware version between AC9 to AC18 are vulnerable to the attack.

IoT 145

IoT Firmware DNS Advertising 145

Security Affairs

JUNE 4, 2023

Zyxel has published guidance for protecting firewall and VPN devices from the ongoing attacks recently discovered. Zyxel has published guidance for protecting firewall and VPN devices from ongoing attacks exploiting CVE-2023-28771 , CVE-2023-33009 , and CVE-2023-33010 vulnerabilities. in its firewall devices. Patch 1 ZLD V5.36

Firmware 98

Firmware VPN Firewall Hacking 98

Security Affairs

JUNE 20, 2023

The vulnerability is a pre-authentication command injection issue that impacts the Zyxel NAS326 firmware versions prior to V5.21(AAZF.14)C0, 14)C0, NAS540 firmware versions prior to V5.21(AATB.11)C0, 11)C0, and NAS542 firmware versions prior to V5.21(ABAG.11)C0. in its firewall devices.

Firmware 98

Firmware Firewall Authentication VPN 98

Security Affairs

NOVEMBER 29, 2020

“Claroty has privately disclosed details to Real Time Automation (RTA), informing the vendor of a critical vulnerability in its proprietary 499ES EtherNet/IP (ENIP) stack. Experts was that vendors may have bought vulnerable versions of this stack before the 2012 update and are still using it in their firmware.

Hacking 142

Hacking Firmware Internet Internet 142

Security Affairs

JANUARY 20, 2020

Expert found a hardcoded SSH public key in Fortinet ’s Security Information and Event Management FortiSIEM that can allow access to the FortiSIEM Supervisor. . The feature was implemented to enable connecting to collectors from the supervisor when there is a firewall between the collector and the supervisor.

Authentication 145

Authentication Advertising Firmware Firewall 145