Security News > 2021 > March > Firewall Vendor Patches Critical Auth Bypass Flaw
Germany-based cybersecurity company Genua has fast-tracked a fix for a critical flaw in one of its firewall products.
Affected by the critical flaws is the GenuGate High Resistance Firewall, which Genua touts as a two-tier firewall that includes an application-level gateway and a packet filter for blocking malicious data.
"The High Resistance Firewall genugate satisfies the highest requirements: two different firewall systems - an application level gateway and a packet filter, each on separate hardware - are combined to form a compact solution. genugate is approved for classification levels German and NATO RESTRICTED and RESTREINT UE/EU RESTRICTED. genugate is certified according to CC EAL 4+". The vulnerable versions of the firewall include GenuGate versions below 10.1 p4; below 9.6 p7 and versions 9.0 and below Z p19.
The critical authentication bypass vulnerability stems from the GenuGate's various admin authentication methods.
Firewall vulnerabilities provide a dangerous route for attackers to infiltrate sensitive company networks.
In April, attackers started targeting the Sophos XG Firewall using a zero-day exploit, with the ultimate goal of dropping the Asnarok malware on vulnerable appliances.
News URL
https://threatpost.com/firewall-critical-security-flaw/164347/
Related news
- A critical vulnerability in Delinea Secret Server allows auth bypass, admin access (source)
- Critical GitHub Enterprise Server Flaw Allows Authentication Bypass (source)
- Veeam warns of critical Backup Enterprise Manager auth bypass bug (source)
- Critical Veeam Backup Enterprise Manager Flaw Allows Authentication Bypass (source)