SonicWall Issues Patch for Exploit Chain in SMA Devices
Three vulnerabilities in SMA 100 gateways could facilitate root RCE attacks, and one of the vulnerabilities has already been exploited in the wild.
Root access gives an attacker or administrator complete control of a Unix-like system, allowing changes to data, software, accounts, and security settings.
Search across headline titles and summaries.
Background for this topic.
Root access is unrestricted administrative control of a Unix or Linux system. The root account, or an equivalent privilege obtained through mechanisms such as sudo, can read or change nearly any file, alter system configuration, install software, and control running processes. Related uses of “root” may describe equivalent administrator privileges in containers, cloud workloads, network appliances, or mobile devices.
Because root privileges can bypass ordinary access controls, stolen administrative credentials or a vulnerability that enables privilege escalation can let an attacker modify security settings, access protected data, establish persistence, or disrupt the host. Organizations generally reduce exposure by disabling direct root login where practical, using named administrator accounts with least privilege, protecting privileged authentication with strong controls, and recording and reviewing elevation events. Vulnerability management should prioritize flaws that can grant local or remote root-level execution; during an incident, investigators must assess whether root access was obtained and treat the host’s integrity as potentially compromised.
Three vulnerabilities in SMA 100 gateways could facilitate root RCE attacks, and one of the vulnerabilities has already been exploited in the wild.
Not Just Ransomware But Verbal Disclosure of Personal Data Common, Watchdog FindsTwo decades after California Senate Bill 1386 introduced the world to data breach notifications, organizations have collectively battened down their cybersecurity hatches and fixed the problem once and for all. Of course, I'm joking, with the results of recent data breach root cause report in hand.
SonicWall has released patches to address three security flaws affecting SMA 100 Secure Mobile Access (SMA) appliances that could be fashioned to result in remote code execution
Cisco has released software fixes to address a maximum-severity security flaw in its IOS XE Wireless Controller that could enable an unauthenticated, remote attacker to upload arbitrary files to a susceptible system