Zyxel warns of flaws impacting firewalls and controllers

If organizations are relying on conventional approaches to vulnerability management, they may only move to patch the highest severity vulnerabilities.

A member of the Red Hacker Alliance in Dongguan, China in August 2020 monitors cyberattacks around the world. Hacks have increased through the pandemic and the war in Ukraine - Copyright AFP/File Noel Celis

A recent security advisory, issued by Zyxel, warns administrators of multiple vulnerabilities affecting a wide range of firewall, AP, and AP controller products. The main flaws in the announcement are:

  • CVE-2022-0734: Medium severity (CVSS v3.1 – 5.8) cross-site scripting vulnerability in the CGI component, allowing attackers to use a data-stealing script to snatch cookies and session tokens stored in the user’s browser.
  • CVE-2022-26531: Medium severity (CVSS v3.1 – 6.1) improper validation flaw in some CLI commands, allowing a local authenticated attacker to cause a buffer overflow or system crash.
  • CVE-2022-26532: High severity (CVSS v3.1 – 7.8) command injection flaw in some CLI commands, allowing a local authenticated attacker to execute arbitrary OS commands.
  • CVE-2022-0910: Medium severity (CVSS v3.1 – 6.5) authentication bypass vulnerability in the CGI component, allowing an attacker to downgrade from two-factor authentication to one-factor authentication via an IPsec VPN client.

Looking at these vulnerabilities more closely for Digital Journal is Alastair Williams, Vice President of Worldwide Systems Engineering at Skybox.

Williams assesses the newly identified weaknesses, noting: “The fact that these vulnerabilities do not carry a critical rating does not mean organizations shouldn’t be quick to patch.”

He further cautions: “If organizations are relying on conventional approaches to vulnerability management, they may only move to patch the highest severity vulnerabilities first based on the Common Vulnerability Scoring System.”

The Common Vulnerability Scoring System is a free and open industry standard for assessing the severity of computer system security vulnerabilities.

This is a concern because: “Cybercriminals know this is how many companies handle their cybersecurity, so they’ve learned to take advantage of vulnerabilities seen as less critical to carry out their attacks.”

Williams tells businesses: “It is especially important to heed this new warning as we approach a holiday weekend. In the last year, we have seen a trend of bad actors taking advantage of holiday weekends in the U.S. to target organizations.”

Drawing on recent history, Williams finds: “We saw this happen with the Colonial Pipeline ransomware attack over Mother’s Day weekend [U.S. date], the attack on JBS over Memorial Day weekend, and the ransomware attack against Kaseya during the July 4th holiday [a U.S. national event].”

Williams turns his attention to practical advice, proposing: “To stay ahead of cybercriminals, companies need to address vulnerability exposure risks before hackers attack them. That means taking a more proactive approach to vulnerability management by learning to identify and prioritize exposed vulnerabilities across the entire threat landscape.”

He adds that: “Organizations should prioritize based on exposure-based risk scores, and close with prescriptive remediation options.”

In essence, Williams’ message is: “It’s essential for organizations to increase the maturity of their vulnerability management programs to ensure they can quickly discover if they are impacted by vulnerabilities and how urgent it is to remediate.”

Written By

Dr. Tim Sandle is Digital Journal's Editor-at-Large for science news. Tim specializes in science, technology, environmental, and health journalism. He is additionally a practising microbiologist; and an author. He is also interested in history, politics and current affairs.
