Stay updated on firmware security: Explore the latest threats, updates, and protection strategies for safeguarding critical system software.
Search across headline titles and summaries.
Background for this topic.
Firmware is the low-level software programmed into the read-only memory of a device that provides the necessary instructions for how that device communicates with other hardware. This foundational code acts as the bridge between the device's hardware and software, enabling the functionality of physical components.
In the context of information security, firmware plays a crucial role as it often controls the basic security functions of a device. Its integrity and security are paramount, as compromised firmware can lead to vulnerabilities at the most fundamental level of the technology. Cybersecurity threats targeting firmware include malicious firmware updates, attacks on firmware during the boot process, and exploits that take advantage of firmware bugs to gain unauthorized access or control over hardware. Securing firmware involves various strategies including regular updates, cryptographic signing of firmware updates, secure boot processes, and hardware-level protections against unauthorized modifications.
Weekly headline count for the current query.
Google has announced the integration of a Rust-based Domain Name System (DNS) parser into the modem firmware as part of its ongoing efforts to beef up the security of Pixel devices and push memory-safe code at a more foundational level
TP-Link has patched several vulnerabilities in its Archer NX router series, including a critical-severity flaw that may allow attackers to bypass authentication and upload new firmware. [...]
Internet-Connected Remote Access Tools Operate at UEFI LevelA flood of lost-cost devices for remote IP control of servers or human-machine interfaces has roused a concomitant wave of security warnings about their security defects. Firmware security company Eclypsium probed devices made by four KVM vendors, discovering nine vulnerabilities.
Texas sued networking giant TP-Link Systems, accusing the company of deceptively marketing its routers as secure while allowing Chinese state-backed hackers to exploit firmware vulnerabilities and access users' devices. [...]
State disputes the company's claim that its routers are made in Vietnam TP-Link is facing legal action from the state of Texas for allegedly misleading consumers with "Made in Vietnam" claims despite China-dominated manufacturing and supply chains, and for marketing its devices as secure despite reported firmware vulnerabilities exploited by Chinese state-sponsored actors.…
A new Android backdoor that's embedded deep into the device firmware can silently harvest data and remotely control its behavior, according to new findings from Kaspersky
A newly discovered and sophisticated Android malware called Keenadu has been found embedded in firmware from multiple device brands, enabling it to compromise all installed applications and gain unrestricted control over infected devices. [...]
Mitigation: SSO Access Restricted After Attackers Compromised Fully Patched DevicesNetwork security giant Fortinet locked out cloud customers from its single sign-on service until they update device firmware with a patch against active attacks exploiting an improper access control zero day. Only Fortinet devices running the latest, patched firmware versions can use Fortinet SSO.
Fortinet has confirmed a new, actively exploited critical FortiCloud single sign-on (SSO) authentication bypass vulnerability, tracked as CVE-2026-24858, and says it has mitigated the zero-day attacks by blocking FortiCloud SSO connections from devices running vulnerable firmware versions. [...]
Fix landed in July, but OEM firmware updates are required If you use virtual machines, there's reason to feel less-than-Zen about AMD's CPUs. Computer scientists affiliated with the CISPA Helmholtz Center for Information Security in Germany have found a vulnerability in AMD CPUs that exposes secrets in its secure virtualization environment.…
The CERT Coordination Center (CERT/CC) has disclosed details of an unpatched security flaw impacting TOTOLINK EX200 wireless range extender that could allow a remote authenticated attacker to gain full control of the device
The UEFI firmware implementation in some motherboards from ASUS, Gigabyte, MSI, and ASRock is vulnerable to direct memory access (DMA) attacks that can bypass early-boot memory protections. [...]
Certain motherboard models from vendors like ASRock, ASUSTeK Computer, GIGABYTE, and MSI are affected by a security vulnerability that leaves them susceptible to early-boot direct memory access (DMA) attacks across architectures that implement a Unified Extensible Firmware Interface (UEFI) and input–output memory management unit (IOMMU)
ASUS has released new firmware to patch nine security vulnerabilities, including a critical authentication bypass flaw in routers with AiCloud enabled. [...]
ASUS has released new firmware to patch a critical authentication bypass security flaw impacting several DSL series router models. [...]
TP-Link has made firmware updates available for a broad range of Omada gateway models to address four vulnerabilities, among which a critical pre-auth OS command injection. [...]
Eclypsium Researchers Find UEFI Weakness in Framework Laptops and DesktopsRoughly 200,000 laptops and desktops made by modular sensation Framework contain a firmware vulnerability allowing attackers to disable Secure Boot and run unsigned code, say security researchers.
Microsoft is working to resolve a bug that causes Defender for Endpoint to incorrectly tag some devices' BIOS (Basic Input/Output System) firmware as outdated, prompting users to update it. [...]
Western Digital has released firmware updates for multiple My Cloud NAS models to patch a critical-severity vulnerability that could be exploited remotely to execute arbitrary system commands. [...]
'Opportunistic, Mass Exploitation' Campaign Surging, Say Cybersecurity ResearchersAttackers wielding Akira ransomware appear to be engaged in an "opportunistic, mass exploitation" of SonicWall SSL VPN servers, even when they're using the latest firmware and configured to require multifactor authentication one-time passwords, warn cybersecurity researchers.