- Tram Ho
To ensure safety, VSEC recommends that units using Cyberoam to immediately update the new operating system and apply encryption for data transmission, even on the intranet.
Cyberoam is a type of firewall device to protect websites, based on user authentication, providing real-time protection against attacks and cyber security threats. Therefore, Cyberoam is being widely used in the system of businesses, organizations, especially schools and banks with more than 96,000 public devices around the world.
According to research by Vietnam Internet Security Joint Stock Company (VSEC), even in Vietnam, there are many leading banks and telecommunications companies that are using Cyberoam equipment for their security solutions.
But now, VSEC is broadcasting a warning about the vulnerability on Cyberoam with the code name CVE-2019-17059, which has a danger rating of 9/10 – almost the highest on the rating scale. The danger of this security flaw is that it allows hackers to access Cyberoam and execute unauthorized commands remotely without providing a username and password.
To exploit this vulnerability, hackers will access the web administration interface or SSL VPN consoles, and then send the packets containing the exploit code to those two interfaces to gain control. device.
More dangerous, the granted access is the highest right, so the attacker can do any activity on your Cyberoam device such as turning off the protection functions, attacking deeper into the system or installing. put backdoor into the intranet, monitor all the message data, transactions, … transmitted in the network.
This vulnerability was discovered on the version of CyberoamOS before 10.6.6 MR-6 and is considered by the VSEC security experts to be a serious vulnerability that can greatly affect many Vietnamese enterprises.
To ensure the safety of Vietnamese organizations and businesses, VSEC recommends that units using Cyberoam immediately update to the latest version, using encryption protocols to transmit data, including in intranet, and improve user awareness of information security.
Moreover, VSEC also recommends that organizations should not rely solely on firewall devices, but should carry out parallel security testing, assessment, and vulnerability scanning on open, open systems. Using world security standards like OWASP, ISO 27008.
Source : GenK