Security News

Cisco has fixed 33 CVE-numbered flaws in a variety of its devices, including five critical ones affecting RV-series VPN routers and firewalls and Cisco Prime License Manager, which is used by enterprises to manage user-based licensing. Cisco Small Business RV110W Wireless-N VPN Firewalls with firmware releases prior to v1.2.2.8 can be taken over by attackers via a system account has a default and static password.

A Trend Micro research is warning consumers of a major new wave of attacks attempting to compromise their home routers for use in IoT botnets. "Cybercriminals know that a vast majority of home routers are insecure with default credentials and have ramped up attacks on a massive scale. For the home user, that's hijacking their bandwidth and slowing down their network. For the businesses being targeted by secondary attacks, these botnets can totally take down a website, as we've seen in past high-profile attacks."

Cisco on Wednesday released security advisories to inform customers of several critical vulnerabilities that can be exploited remotely to hack small business routers and firewalls that are no longer being sold. One of the critical flaws, which is tracked as CVE-2020-3330 and has a CVSS score of 9.8, affects Cisco Small Business RV110W Wireless-N VPN firewalls and it allows a remote and unauthenticated attacker to take full control of a device by connecting to it using a default and static password.

A newly identified version of the Mirai Internet of Things botnet includes an exploit for a vulnerability impacting Comtrend routers. According to Trend Micro's security researchers, this is the first botnet version to target CVE-2020-10173, a vulnerability in the Comtrend VR-3033 routers.

A security review of 127 popular home routers found most contained at least one critical security flaw, according to researchers. On average, the routers analyzed-by vendors such as D-Link, Netgear, ASUS, Linksys, TP-Link and Zyxel-were affected by 53 critical-rated vulnerabilities, with even the most "Secure" device of the bunch having 21 CVEs, according to the report.

Cisco on Wednesday announced that it has patched several vulnerabilities affecting its products, including flaws in Small Business routers and switches. Of the eight vulnerabilities for which Cisco published an advisory this week, only CVE-2020-3297 has been rated high severity.

Cisco has patched a cross-site scripting vulnerability in two VPN routers it sells to small businesses and branch offices. By default, the management feature is disabled for remote users, though it is enabled for people on the same LAN. "A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive browser-based information," Cisco explained in its advisory yesterday.

Netgear has now patched 28 out of 79 vulnerable router models, six months after infosec researchers first noticed security problems potentially allowing an attacker to remotely execute code as root. Over the past few weeks Netgear has been pushing out fixes, having so far plugged problems with 28 of the 79 models it says are affected by the unwanted remote-superuser flaw.

UPDATED. Researchers this week said they discovered an unpatched, zero-day vulnerability in firmware for Netgear routers that put 79 device models at risk for full takeover, they said. The flaw, a memory-safety issue present in the firmware's httpd web server, allows attackers to bypass authentication on affected installations of Netgear routers, according to two separate reports: One on the Zero Day Initiative by a researcher called "d4rkn3ss" from the Vietnam Posts and Telecommunications Group; and a separate blog post by Adam Nichols of cybersecurity firm Grimm.

Cisco is warning of three high-severity flaws in its popular Webex web conferencing app, including one that could allow an unauthenticated attacker to remotely execute code on impacted systems. "An attacker could exploit this vulnerability by sending crafted requests to a vulnerable Cisco Webex Meetings or Cisco Webex Meetings Server site," according to Cisco's security update.