SonicWall Firmware Update Contains Rootkit Malware, Warns Security Researchers

SonicWall, a leading cybersecurity company, recently issued a critical firmware update that was found to contain a rootkit malware. This alarming discovery was made by security researchers who warned users to be cautious when applying the update. The rootkit malware embedded in the firmware can provide attackers with persistent, stealthy access to affected devices, potentially compromising sensitive data and network integrity. This incident highlights the growing threat of supply chain attacks where trusted software updates are weaponized to distribute malware. Organizations using SonicWall devices are urged to verify the authenticity of updates and apply patches from official sources only. Additionally, cybersecurity teams should monitor network traffic for unusual activity indicative of rootkit presence and conduct thorough endpoint scans. The SonicWall firmware rootkit case serves as a stark reminder of the importance of robust security practices in firmware management and the need for continuous vigilance against sophisticated malware threats.

This Cyber News was published on cybersecuritynews.com. Publication date: Tue, 23 Sep 2025 13:55:29 +0000

Cyber News related to SonicWall Firmware Update Contains Rootkit Malware, Warns Security Researchers

CVE-2022-40966 - Authentication bypass vulnerability in multiple Buffalo network devices allows a network-adjacent attacker to bypass authentication and access the device. The affected products/versions are as follows: WCR-300 firmware Ver. 1.87 and earlier, ...
2 years ago

SonicWall Firmware Update Contains Rootkit Malware, Warns Security Researchers - SonicWall, a leading cybersecurity company, recently issued a critical firmware update that was found to contain a rootkit malware. This alarming discovery was made by security researchers who warned users to be cautious when applying the update. The ...
2 weeks ago Cybersecuritynews.com CVE-2023-3519

CVE-2022-39044 - Hidden functionality vulnerability in multiple Buffalo network devices allows a network-adjacent attacker with an administrative privilege to execute an arbitrary OS command. The affected products/versions are as follows: WCR-300 firmware Ver. 1.87 ...
2 years ago

Rootkit Turns Kubernetes from Orchestration to Subversion - As software development focuses on continuous integration and deployment, orchestration platforms like Kubernetes have taken off, but that popularity has put them in attackers' crosshairs. Most successful attacks - at least those publicly reported - ...
1 year ago Darkreading.com

Wormable Linux Rootkit Attack Multiple Systems to Steal SSH Keys and Privilege Escalation - Cybersecurity researchers at ANY.RUN have uncovered a sophisticated attack leveraging the Diamorphine rootkit to deploy a cryptocurrency miner on Linux systems, highlighting the growing misuse of open-source tools in malicious campaigns. By replacing ...
5 months ago Cybersecuritynews.com

CVE-2018-0688 - Open redirect vulnerability in SEIKO EPSON printers and scanners (DS-570W firmware versions released prior to 2018 March 13, DS-780N firmware versions released prior to 2018 March 13, EP-10VA firmware versions released prior to 2017 September 4, ...
6 years ago

CVE-2018-0689 - HTTP header injection vulnerability in SEIKO EPSON printers and scanners (DS-570W firmware versions released prior to 2018 March 13, DS-780N firmware versions released prior to 2018 March 13, EP-10VA firmware versions released prior to 2017 September ...
6 years ago

SonicWall releases SMA100 firmware update to wipe rootkit malware - SonicWall has released a critical firmware update for its SMA100 series appliances to address a severe rootkit malware infection. This update is designed to completely remove the malicious rootkit that had compromised the devices, ensuring enhanced ...
2 weeks ago Bleepingcomputer.com

178K+ SonicWall Firewalls Vulnerable to DoS, RCE Attacks - Two unauthenticated denial-of-service vulnerabilities are threatening the security of SonicWall next-generation firewall devices, exposing more than 178,000 of them to both DoS as well as remote code execution attacks. SonicWall products affected are ...
1 year ago Darkreading.com CVE-2022-22274 CVE-2023-0656

Krasue RAT Uses Cross-Kernel Linux Rootkit to Attack Telecoms - Attackers likely tied the creators of the XorDdos Linux remote access Trojan have been wielding a separate Linux RAT for nearly two years without detection, using it to target organizations in Thailand and maintain malicious access to infected ...
1 year ago Darkreading.com

Over 178K SonicWall firewalls vulnerable to DoS, potential RCE attacks - Security researchers have found over 178,000 SonicWall next-generation firewalls with the management interface exposed online are vulnerable to denial-of-service and potential remote code execution attacks. These appliances are affected by two DoS ...
1 year ago Bleepingcomputer.com CVE-2022-22274 CVE-2023-0656

CVE-2019-5995 - Missing authorization vulnerability exists in EOS series digital cameras (EOS-1D X firmware version 2.1.0 and earlier, EOS-1D X MKII firmware version 1.1.6 and earlier, EOS-1D C firmware version 1.4.1 and earlier, EOS 5D MARK III firmware version ...
5 years ago

SonicWall SMA devices hacked with OVERSTEP rootkit tied to ransomware - It is unclear how the hackers obtained initial access, but researchers investigating UNC6148 attacks noticed that the threat actor already had local administrator credentials on the targeted appliance. With shell access on the appliance, the threat ...
2 months ago Bleepingcomputer.com Abyss Hunters

25 Best Managed Security Service Providers (MSSP) - 2025 - Pros & Cons: ProsConsStrong threat intelligence & expert SOCs.High pricing for SMBs.24/7 monitoring & rapid incident response.Complex UI and steep learning curve.Flexible, scalable, hybrid deployments.Limited visibility into endpoint ...
3 months ago Cybersecuritynews.com

CVE-2019-6001 - Buffer overflow in PTP (Picture Transfer Protocol) of EOS series digital cameras (EOS-1D X firmware version 2.1.0 and earlier, EOS-1D X MKII firmware version 1.1.6 and earlier, EOS-1D C firmware version 1.4.1 and earlier, EOS 5D MARK III firmware ...
6 years ago

CVE-2019-5994 - Buffer overflow in PTP (Picture Transfer Protocol) of EOS series digital cameras (EOS-1D X firmware version 2.1.0 and earlier, EOS-1D X MKII firmware version 1.1.6 and earlier, EOS-1D C firmware version 1.4.1 and earlier, EOS 5D MARK III firmware ...
6 years ago

CVE-2019-5999 - Buffer overflow in PTP (Picture Transfer Protocol) of EOS series digital cameras (EOS-1D X firmware version 2.1.0 and earlier, EOS-1D X MKII firmware version 1.1.6 and earlier, EOS-1D C firmware version 1.4.1 and earlier, EOS 5D MARK III firmware ...
5 years ago

CVE-2019-6000 - Buffer overflow in PTP (Picture Transfer Protocol) of EOS series digital cameras (EOS-1D X firmware version 2.1.0 and earlier, EOS-1D X MKII firmware version 1.1.6 and earlier, EOS-1D C firmware version 1.4.1 and earlier, EOS 5D MARK III firmware ...
5 years ago

CVE-2019-5998 - Buffer overflow in PTP (Picture Transfer Protocol) of EOS series digital cameras (EOS-1D X firmware version 2.1.0 and earlier, EOS-1D X MKII firmware version 1.1.6 and earlier, EOS-1D C firmware version 1.4.1 and earlier, EOS 5D MARK III firmware ...
5 years ago

Analyzing the SonicWall Custom Grub LUKS Encryption Modifications - During our initial analysis of a virtual machine image for the application, we discovered a customized LUKS encryption mechanism meant to hinder reverse engineering of the application. We were able to recover the LUKS decryption key by leveraging ...
1 year ago Securityboulevard.com

SonicWall Accelerates SASE Offerings; Acquires Proven Cloud Security Provider - PRESS RELEASE. MILPITAS, Calif. - January 3, 2024 - SonicWall, a global cybersecurity leader, today announced the acquisition of Banyan Security, a leading provider of security service edge solutions for the modern workforce. This acquisition ...
1 year ago Darkreading.com

SonicWall SMA1000 Vulnerability Let Attackers to Exploit Encoded URLs To Gain Internal Systems Access Remotely - SonicWall has issued a high-priority security advisory (SNWLID-2025-0010) revealing a critical Server-Side Request Forgery (SSRF) vulnerability in its SMA1000 Appliance Work Place interface. Discovered by security researcher Ronan Kervella of ...
4 months ago Cybersecuritynews.com

Exploring EMBA: Unraveling Firmware Security with Confidence - Firmware security analysis is a critical aspect of modern cybersecurity. In this article, we delve into EMBA, a powerful open-source firmware security analysis tool. We'll explore its history, compare it to similar software projects, list its useful ...
1 year ago Securityboulevard.com

CVE-2021-20716 - Hidden functionality in multiple Buffalo network devices (BHR-4RV firmware Ver.2.55 and prior, FS-G54 firmware Ver.2.04 and prior, WBR2-B11 firmware Ver.2.32 and prior, WBR2-G54 firmware Ver.2.32 and prior, WBR2-G54-KD firmware Ver.2.32 and prior, ...
4 years ago

Types of Malware and How To Prevent Them - Malware is one of the biggest security threats to any type of technological device, and each type of malware uses unique tactics for successful invasions. Even if you've downloaded a VPN for internet browsing, our in-depth guide discusses the 14 ...
1 year ago Pandasecurity.com

SonicWall Firmware Update Contains Rootkit Malware, Warns Security Researchers

Cyber News related to SonicWall Firmware Update Contains Rootkit Malware, Warns Security Researchers

Latest Cyber News

Cyber Trends (last 7 days)

Trending Cyber News (last 7 days)