Lucene search

17 matches found

The Hacker News
added 2025/01/23 3:13 p.m. | 27 views

Palo Alto Firewalls Found Vulnerable to Secure Boot Bypass and Firmware Exploits

An exhaustive evaluation of three firewall models from Palo Alto Networks has uncovered a host of known security flaws impacting the devices' firmware as well as misconfigured security features. "These weren't obscure, corner-case vulnerabilities," security vendor Eclypsium said in a report share...

CVSS 8.2 | AI score 9 | EPSS 0.00674 | Exploits 0
The Hacker News
added 2025/01/07 2:22 p.m. | 12 views

Researchers Uncover Major Security Flaw in Illumina iSeq 100 DNA Sequencers

Cybersecurity researchers have uncovered firmware security vulnerabilities in the Illumina iSeq 100 DNA sequencing instrument that, if successfully exploited, could permit attackers to brick or plant persistent malware on susceptible devices. "The Illumina iSeq 100 used a very outdated...

CVSS 10 | AI score 7.9 | EPSS 0.00147 | Exploits 0
The Hacker News
added 2024/08/01 2:10 p.m. | 42 views

Over 1 Million Domains at Risk of 'Sitting Ducks' Domain Hijacking Technique

Over a million domains are susceptible to takeover by malicious actors by means of what has been called a Sitting Ducks attack. The powerful attack vector, which exploits weaknesses in the domain name system (DNS), is being exploited by over a dozen Russian-nexus cybercriminal actors to stealthily...

AI score 7.1 | Exploits 0
Wallarm Lab
added 2024/05/21 4:56 p.m. | 36 views

Vulnerabilities in BIG-IP Next Central Manager allows control of managed devices

Introduction In May 2024, new vulnerabilities have been identified in BIG-IP Next Central Manager, raising considerable security concerns. This discovery follows closely on the heels of a critical vulnerability revealed in April within Palo Alto's firewalls with enabled GlobalProtect feature, whi...

CVSS 9.8 | AI score 8.6 | EPSS 0.89497 | Exploits 0
The Hacker News
added 2024/05/09 6:11 a.m. | 24 views

Critical F5 Central Manager Vulnerabilities Allow Enable Full Device Takeover

Two security vulnerabilities have been discovered in F5 Next Central Manager that could be exploited by a threat actor to seize control of the devices and create hidden rogue administrator accounts for persistence. The remotely exploitable flaws "can give attackers full administrative control of...

CVSS 9.8 | AI score 9.2 | EPSS 0.89497 | Exploits 0
The Hacker News
added 2023/05/31 1:18 p.m. | 3 views

Critical Firmware Vulnerability in Gigabyte Systems Exposes ~7 Million Devices

Cybersecurity researchers have found "backdoor-like behavior" within Gigabyte systems, which they say enables the UEFI firmware of the devices to drop a Windows executable and retrieve updates in an unsecure format. Firmware security firm Eclypsium said it first detected the anomaly in April 2023...

AI score 7.3 | Exploits 0
The Hacker News
added 2023/05/31 1:18 p.m. | 40 views

Critical Firmware Vulnerability in Gigabyte Systems Exposes ~7 Million Devices

Cybersecurity researchers have found "backdoor-like behavior" within Gigabyte systems, which they say enables the UEFI firmware of the devices to drop a Windows executable and retrieve updates in an unsecure format. Firmware security firm Eclypsium said it first detected the anomaly in April 2023...

AI score 7.3 | Exploits 0
F5 Networks
added 2023/02/21 6:33 p.m. | 15 views

K35236639: Supermicro BMC vulnerability

Security Advisory Description: F5 is aware of the reports of vulnerabilities in the baseband management controllers (BMCs) of Supermicro servers. These vulnerabilities allow attackers to easily connect to a server and virtually mount any USB device to the server, remotely over any network, including...

AI score 6.9 | Exploits 0
HackRead
added 2021/06/24 11:6 p.m. | 52 views

30 million Dell devices affected by BIOSConnect code execution bugs

By Deeba Ahmed Eclypsium security researchers have discovered four major security vulnerabilities in Dell SupportAssist's BIOSConnect feature. This is a post from HackRead.com Read the original post: 30 million Dell devices affected by BIOSConnect code execution bugs...

AI score 3.3 | Exploits 0
ThreatPost
added 2021/06/24 10:0 a.m. | 241 views

30M Dell Devices at Risk for Remote BIOS Attacks, RCE

UPDATE A high-severity series of four vulnerabilities can allow remote adversaries to gain arbitrary code execution in the pre-boot environment on Dell devices, researchers said. They affect an estimated 30 million individual Dell endpoints worldwide. According to an analysis from Eclypsium, the...

CVSS 7.5 | AI score 7.7 | EPSS 0.00272 | Exploits 0 | References 8
Qualys Blog
added 2020/08/03 9:35 p.m. | 158 views

GRUB2 Boothole Buffer Overflow Vulnerability (CVE-2020-10713) – Automatically Discover, Prioritize and Remediate Using Qualys VMDR®

On July 29, 2020, Eclypsium researchers disclosed a high-risk vulnerability in GRUB2 (GRand Unified Bootloader version 2) affecting billions of Linux and Windows systems, even when secure boot is enabled. CVE-2020-10713 is assigned to this buffer overflow vulnerability, termed as “Boothole”...

CVSS 4.6 | AI score 0.3 | EPSS 0.00369 | Exploits 1
ThreatPost
added 2020/07/29 7:53 p.m. | 145 views

Billions of Devices Impacted by Secure Boot Bypass

Billions of Windows and Linux devices are vulnerable to cyberattacks stemming from a bug in the GRUB2 bootloader, researchers are warning. GRUB2 (which stands for the GRand Unified Bootloader version 2) is the default bootloader for the majority of computing systems. Its job is to manage part of th...

CVSS 4.6 | AI score 8.7 | EPSS 0.26452 | Exploits 0 | References 7
CERT
added 2020/07/29 12:0 a.m. | 86 views

GRUB2 bootloader is vulnerable to buffer overflow

Overview The GRUB2 boot loader is vulnerable to buffer overflow, which results in arbitrary code execution during the boot process, even when Secure Boot is enabled. Description GRUB2 is a multiboot boot loader that replaced GRUB Legacy in 2012. A boot loader is the first program that runs upon...

CVSS 8.2 | AI score 8.6 | EPSS 0.00369 | Exploits 0 | References 6
Hewlett-Packard
added 2020/02/18 12:0 a.m. | 30 views

HPSBHF03654 rev. 2 - HP Wide Vision FHD Camera Firmware Security Update

Potential Security Impact: Arbitrary Code Execution, Denial of Service. Source: HP, HP Product Security Response Team (PSRT). Reported by: Rick Altherr of Eclypsium. VULNERABILITY SUMMARY: Potential security vulnerabilities in the HP Wide Vision FHD Camera firmware may allow the ability to update the...

AI score 2 | Exploits 0
Nvidia
added 2019/11/06 12:0 a.m. | 59 views

Security Bulletin: NVIDIA NVFlash, GPUModeSwitch Tool - November 2019

NVIDIA has released a software security update for NVIDIA NVFlash Tool. This update addresses issues that may lead to escalation of privileges, information disclosure, or denial of service. This update is available only to NVIDIA OEMs and partners. Go to NVIDIA Product Security. Details This...

CVSS 7.2 | AI score 7 | EPSS 0.00115 | Exploits 0 | Affected Software 3
ThreatPost
added 2019/08/10 11:45 p.m. | 105 views

Driver Disaster: Over 40 Signed Drivers Can’t Pass Security Muster

LAS VEGAS – An insecure driver can be just what a hacker needs to get its foot in the door to a Windows environment. Compromised drivers are at the heart of massive security headaches ranging from recent Slingshot APT campaigns and LoJax malware. That’s why researchers at Eclypsium are sounding t...

AI score 0.9 | Exploits 0 | References 9
ThreatPost
added 2019/07/09 11:9 p.m. | 78 views

Intel Patches High-Severity Flaw in Processor Diagnostic Tool

Intel has patched a high-severity vulnerability in its processor diagnostic tool, which could allow local attackers to launch several malicious attacks on affected devices, such as escalation of privilege or denial of service. The Intel Processor Diagnostic tool is a free product that allows user...

CVSS 4.6 | AI score 8 | EPSS 0.00164 | Exploits 0 | References 10