Critical Vulnerabilities Discovered in Industrial Wireless Access Point
Customers of Advantech’s EKI-6333AC-2G industrial-grade wireless access point have been urged to update their devices to new firmware versions
Stay updated on firmware security: Explore the latest threats, updates, and protection strategies for safeguarding critical system software.
Search across headline titles and summaries.
Background for this topic.
Firmware is software stored in a device’s nonvolatile memory that initializes and controls hardware, often before an operating system or application runs. It may reside in computers, network equipment, phones, industrial controllers, storage devices, and embedded components. Firmware can be updated, so it is not necessarily permanent or read-only.
Firmware matters to security because vulnerabilities or unauthorized changes can affect a device beneath the operating system and may persist across software reinstallation. Important controls include authenticated, cryptographically signed updates; secure boot, which verifies code before execution; protection against unauthorized flashing and downgrade attacks; and a reliable recovery mechanism. Practitioners also need firmware inventories, vulnerability tracking, and a supported update process, since obscure components can remain unpatched or use insecure update mechanisms. During an investigation, verifying firmware integrity and the device’s boot chain can help distinguish an operating-system compromise from a deeper modification.
Customers of Advantech’s EKI-6333AC-2G industrial-grade wireless access point have been urged to update their devices to new firmware versions
Cybersecurity researchers have shed light on what has been described as the first Unified Extensible Firmware Interface (UEFI) bootkit designed for Linux systems