Security News > 2020 > December > Millions of Devices Affected by Vulnerabilities Used in Stolen FireEye Tools

Millions of Devices Affected by Vulnerabilities Used in Stolen FireEye Tools
2020-12-23 12:00

Millions of devices are exposed to potential attacks exploiting the vulnerabilities used in the tools that threat actors recently stole from FireEye, security and compliance solutions provider Qualys reported on Tuesday.

Qualys said it identified more than 7.5 million instances related to vulnerabilities associated with the stolen FireEye tools and compromised versions of the SolarWinds Orion product.

As FireEye pointed out when it announced that threat actors breached its systems and stole some of its Red Team assessment tools, no zero-day vulnerabilities are exploited by these tools, which means patches and mitigations are available for each of the security holes.

The stolen FireEye tools exploit 16 known vulnerabilities affecting products from Pulse Secure, Microsoft, Fortinet, Atlassian, Citrix, Zoho, and Adobe.

Vulnerability remediation orchestration firm Vulcan Cyber has also shared a brief analysis of the FireEye tool vulnerabilities.


News URL

http://feedproxy.google.com/~r/Securityweek/~3/vSLoY6qZh00/millions-devices-affected-vulnerabilities-used-stolen-fireeye-tools

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Fireeye 8 0 8 2 0 10