The development comes as cybersecurity agencies from Australia, Canada, Germany, Japan, the Netherlands, New Zealand, South Korea, the U.K., and the U.S. issued joint guidance for critical infrastructure organizations to help maintain a safe, secure operational technology (OT) environment. "These vulnerabilities could enable attackers to take control of a router by injecting malicious code, allowing them to persist on the device and use it as a gateway into enterprise networks," Forescout Vedere Labs said in a technical report shared with The Hacker News. "Quickly filtering decisions to identify those that impact the security of OT will enhance the making of robust, informed, and comprehensive decisions that promote safety, security and business continuity when designing, implementing, and managing OT environments," the agencies said. A little over a dozen new security vulnerabilities have been discovered in residential and enterprise routers manufactured by DrayTek that could be exploited to take over susceptible devices. Forescout's analysis found that over 704,000 DrayTek routers have their Web UI exposed to the internet, making it an attack-rich surface for malicious actors. Struggling to convey cybersecurity risks to your board? Our eBook offers actionable insights for CISOs, helping you present accurate, meaningful reports with confidence. It concerns a buffer overflow bug in the "GetCGI()" function in the Web user interface that could lead to a denial-of-service (DoS) or remote code execution (RCE) when processing the query string parameters. Following responsible disclosure, patches for all the identified flaws have been released by DrayTek, with the max-rated vulnerability also addressed in 11 end-of-life (EoL) models. Another critical vulnerability relates to a case of operating system (OS) command injection in the "recvCmd" binary used for communications between the host and guest OS.
This Cyber News was published on thehackernews.com. Publication date: Wed, 02 Oct 2024 14:43:05 +0000