Fortinet’s Security Appliances Suffer from Remote Code Execution Vulnerability
An American multinational corporation Fortinet has discovered a critical vulnerability in its software that can be used by unauthenticated attackers to get full control over a targeted system, providing a particular daemon is active. The vulnerability has been discovered by Orange Group security researcher Cyrille Chatras who reported about it to Fortinet privately for responsible disclosure. The vulnerability is located in FortiManager and FortiAnalyzer’s fgfmsd daemon, which if running and vulnerable can be exploited over the network. According to the vendor, the flaw identified (CWE-416) can allow a remote, non-authenticated attacker to execute unauthorised code as root via sending a specifically crafted request to the FGFM port of the targeted device.
Binaré highlights that the bigger is the business, the more complicated and costly are the consequences of the cyber attack. Binaré advises big business players to integrate cybersecurity as part of their business, for example, by using Binaré’s automated IoT vulnerability management and firmware analysis platform. Check your firmware/IoT device for FREE with our Demo here: https://binare.io/.
More information about the incident: https://www.theregister.com/2021/07/20/fortinet_rce/
Critical Vulnerabilities Identified in Firmware Used by Many IP Camera Vendors
French cybersecurity firm RandoriSec has identified multiple serious flaws in the firmware of IP cameras offered by a dozen vendors which makes them open for remote attacks. The vulnerable firmware is made by UDP Technology, a South Korea-based company that provides digital video solutions for the security and IP surveillance industries. RandoriSec highlights that it has been discovering new flaws in UDP Technology firmware since 2017. The last time the company discovered 11 remote code execution flaws and one authentication bypass issue. According to RandoriSec founder Davy Douhine, the authentication bypass vulnerability the researchers have found can be used to hack impacted IP cameras directly from the internet. The number of affected devices exceeds 140 and they are mainly located in the US and the UK.
Binaré’s platform will check your IoT device, e.g. IP camera, for a wide range of vulnerabilities and security issues and will give you a detailed report on them. Make a step towards security of your business already today: try our FREE Demo at https://binare.io/!
More information about the incident: https://www.securityweek.com/serious-vulnerabilities-found-firmware-used-many-ip-camera-vendors?&web_view=true
Security Vulnerabilities Identified in IDEMIA Access Control Devices
According to the security researchers, discovered flaws in biometric access control devices manufactured by IDEMIA could result in remote code execution (RCE), denial of service, and the reading and writing of arbitrary files. Vladimir Nazarov, head of ICS security at Positive Technologies, adds that exploitation of this flaw allows attackers to bypass the biometric identification provided by the IDEMIA devices and this, in turn, would allow criminals to open doors controlled by the device and enter secured areas. Researchers from Positive Technologies have identified three vulnerabilities that affect biometric access control devices:
- CVE-2021-35522 (CVSS 9.8): A critical buffer overflow vulnerability with a CVSS score of 9.8 that could allow attackers to remotely execute arbitrary code.
- CVE-2021-35520 (CVSS 6.2): A heap overflow vulnerability in the serial port handler which can cause denial of service – but only if the attacker has physical access to the serial port.
- CVE-2021-35521 (CVSS 5.9): A path traversal bug which can allow an attacker to read and write arbitrary files on an affected device, potentially allowing unauthorized execution of privileged commands.
Binaré provides IoT device manufacturers with a platform that checks an IoT device for a wide range of vulnerabilities and security issues (including SBoM/Software-Bill-of-Materials and risky components dependencies) and gives an IoT device manufacturer a detailed report on them. Make a step towards security of your IoT business already today: try our FREE Demo at https://binare.io/!
More information about the incident: https://portswigger.net/daily-swig/security-vulnerabilities-in-idemia-access-control-devices-could-allow-attackers-to-remotely-open-doors?&web_view=true
A Bunch of Malware on Pulse Secure Devices Identified
More than a dozen malware samples have been identified targeting flawed Pulse Secure devices to target U.S. government agencies, critical infrastructure entities, and private sector organizations. According to CISA analytical report, 13 malicious threats have been identified on compromised Pulse Secure devices. Some of the malware were found to be dropping multiple files on the targeted machines. The hackers exploit multiple flaws including CVE-2020-8243, CVE-2019-11510, CVE-2021-2289, and CVE-2020-8260 for initial access to placing web shells for deploying backdoors.
Binaré has come up with a solution that prevents businesses from cyber-attacks. Binaré is concerned about the security of IoT device your business is using. Come to our web page and check your device with our FREE Demo! The link for the web page: https://binare.io/.
More information about the incident: https://cyware.com/news/dozens-of-malware-on-pulse-secure-devices-targeting-us-organizations-fc6e46a1
Backdoored Packages Discovered in Python’s PyPI Library Hub – Open Way for Credit Card Stealing
The JFrog security research team has discovered malicious libraries capable of lifting credit card numbers and opening backdoors on infected machines in PyPI, the official third-party software repository for Python. The goal of this supply chain attack is to steal data and cause other havoc on machines that have these dependencies installed. The PyPI team has recently patched a remote-code execution hole in their platform, which potentially could have been exploited to hijack the entire hub of Python libraries.
Binaré is concerned about the security of an IoT device you are using. Come to our web page and check your IoT device for security vulnerabilities with our FREE Demo! The link for the web page: https://binare.io.
More information about the incident: https://www.theregister.com/2021/08/02/in_brief_security/
Critical Vulnerability Discovered in STMicroelectronics STM32Cube
A security flaw (CVSS score of 5.5) has been found in STMicroelectronics STM32Cube up to 1.8.0. This issue affects the function
USBH_ParseEPDesc. The flaw allows attackers to execute arbitrary code and is easy to exploit. For the attack access to the local network is required. Exploitation of a vulnerability requires a simple authentication.
Binaré provides you not only with the platform but also with professional services that will help your business to avoid cyberattacks. Get an improved cybersecurity posture with Binaré’s expert and advisory services! Sign up here https://try.binare.io/get_in_touch and we will reach out to you as soon as possible.
More information about the incident: https://vuldb.com/?id.179471
PwnedPiper Flaws Affect 80% of Major Hospitals in North America
9 vulnerabilities (known as PwnedPiper), that affect a common type of medical equipment that’s installed in roughly 80% of all major hospitals in North America, have been discovered. The vulnerabilities are discovered in the Nexus Control Panel, the software that doctors and nurses use to control how medical material moves between hospital sections. According to IoT security firm Armis, these vulnerabilities allow an unauthenticated attacker to take over Translogic PTS stations, complex systems that use compressed air to move medical supplies using tubes that connect different departments inside large hospitals, and essentially get complete control over the PTS network of a target hospital. PwnedPiper vulnerabilities identified:
- CVE-2021-37163 – Two hardcoded passwords accessible through the Telnet server
- CVE-2021-37167 – User script run by root can be used for PE
- CVE-2021-37161 – Underflow in udpRXThread
- CVE-2021-37162 – Overflow in sccProcessMsg
- CVE-2021-37165 – Overflow in hmiProcessMsg
- CVE-2021-37164 – Off-by-three stack overflow in tcpTxThread
- CVE-2021-37166 – GUI socket Denial Of Service
- CVE-2021-37160 – Unauthenticated, unencrypted, unsigned firmware upgrade
Medical equipment is one category of IoT devices Binare’s platform intends to protect. Hospital information is very sensitive data that requires high-level protection and Binare is here to help! Come to our web page and check your device with our FREE Demo! The link for the web page: https://binare.io/.
More information about the incident: https://therecord.media/pwnedpiper-vulnerabilities-impact-80-of-major-hospitals-in-north-america/
Free icons courtesy of flaticon.com by authors: Freepik