Security News > 2022 > July > FileWave fixes bugs that left 1,000+ orgs open to ransomware, data theft
FileWave has fixed a couple vulnerabilities in its endpoint management software that could allow a remote attacker to bypass authentication and take full control of the deployment and associated devices.
Industrial control system security firm Claroty discovered the two bugs, tracked as CVE-2022-34907 and CVE-2022-34906, and says they exposed organizations across sectors - from large corporations to schools and government agencies and even small businesses - to risks including ransomware infections, sensitive data theft, and even remote device control.
More than 1,100 internet-reachable FileWave management instances, each with an "Unrestricted number" of managed devices, were vulnerable to attack, according to the security shop's Team82 researchers.
FileWave notified all affected users on April 26, and provided them with fixes for the flaws.
FileWave issued an update to address the bugs, and it's included in the patched software of versions 14.6.3, 14.7.2, as well as in the latest software release 14.8 and all future subsequent versions.
For fun, the researchers remotely dropped fake ransomware on each device.
News URL
https://go.theregister.com/feed/www.theregister.com/2022/07/27/filewave_mdm_fixes/
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-25 | CVE-2022-34907 | Use of Hard-coded Credentials vulnerability in Filewave 14.7.0 An authentication bypass vulnerability exists in FileWave before 14.6.3 and 14.7.x before 14.7.2. | 9.8 |
| 2022-07-25 | CVE-2022-34906 | Use of Hard-coded Credentials vulnerability in Filewave 14.7.0 A hard-coded cryptographic key is used in FileWave before 14.6.3 and 14.7.x before 14.7.2. | 0.0 |