Fortinet
- Fortinet Secure SD-WAN Again, Receives NSS Labs’ “Recommended” Rating 19 juin 2019
Learn more about why Fortinet received its second consecutive « recommended » rating from NSS Labs for its FortiGate Secure SD-WAN solution. - Security-Driven Networking, SD-WAN, and the New Edge: A Q&A with John Maddison 18 juin 2019
Fortinet’s John Maddison, recently sat down for a conversation with Dan Woods from Early Adopter Research to discuss issues CISOs face regarding securing the distributed networks and edges of today. Read this summary of the interview to learn more about securing SD-WAN, the new edge, and security-driven networking. … - Analysis of a New HawkEye Variant 18 juin 2019
FortiGuard Labs recently identified a new variant of HawkEye malware being spread by a phishing email. Read more about the analysis here. - SD-Branch — Extending Security into the Next-Gen Branch Network 17 juin 2019
As organizations look to enable their remote branches and locations with all of the power and potential of digital transformation, they are finding that they need to rethink their entire WAN strategy. Learn how Fortinet’s Secure SD-Branch solution offers simplicity, visibility, and industry leading security to improve the WAN experience for branch users. … - Big Data Made Small 13 juin 2019
Prosiak 65 is a malware that was first seen almost 20 years ago. As with many older malware, it continues to be in circulation. While the overall prevalence of Prosiak 65 has declined across locations, we have and continue to see repeated activity – our research offers more information on the malware. … - Improving Safety in Schools Through the Convergence of Digital and Physical Security 13 juin 2019
K-12 schools are under increasing pressure to protect the personal information of their students, along with the safety of the students themselves. Find out why converging physical and cyber security is critical for student safety as well as network performance. - Secure SD-WAN vs NFV: Unraveling the Hidden Costs of WAN Edge Technologies 12 juin 2019
This blog will help highlight key considerations when evaluating WAN-edge technologies and unravel various options to help make the right decisions for an organization. - The Critical Role of Independent Third-Party Testing 12 juin 2019
Learn more about how third-party testing not only keeps security vendors honest and encourages safety, but also drives innovation and improvements to cybersecurity products and solutions. - “BlueKeep” Vulnerability (CVE-2019-0708) within Cloud/Datacenter Machines: How to Safeguard Yourself? 12 juin 2019
Recently, FortiGuard Labs conducted its own research on Microsoft Azure datacenter IP ranges and found several instances of unpatched machines still vulnerable to the critical “BlueKeep” RDP vulnerability. Learn more about how to protect against this vulnerability. - 5 Must-Haves for Effectively Securing Azure 11 juin 2019
Learn more about how Fortinet’s cloud security solutions for Microsoft Azure offer a broad set of tools to protect against advanced threats, the ability to integrate cloud controls with on-premises security solutions, and seamless integration and functionality.
Aruba
- WPA3 Multiple Vulnerabilities 16 avril 2019
On April 10, 2019 a research paper by Mathy Vanhoef and Eyal Ronen was released documenting a series of potential vulnerabilities in implementations of WPA3 and EAP-pwd (RFC 5931). Details on EAP-pwd vulnerabilities have not yet been released. This advisory covers only WPA3 vulnerabilities.
- Aruba Instant Multiple Vulnerabilities 27 février 2019
Aruba has released updates to Aruba Instant (IAP) that address multiple serious vulnerabilities. The most significant vulnerability is rated CRITICAL with a CVSS score of 9.8.
- ClearPass Policy Manager Multiple Vulnerabilities 7 novembre 2018
Aruba has released an update to ClearPass Policy Manager that addresses multiple security vulnerabilities.
- Aruba BLE Radio Firmware Vulnerability 18 octobre 2018
A vulnerability exists in the firmware of embedded BLE radios that are part of all Aruba AP-3xx series access points. An attacker who is able to exploit the vulnerability could install new, potentially malicious firmware into the AP’s BLE radio and could then gain access to the AP’s console port. Aruba products are NOT affected by a similar vulnerability being tracked as CVE-2018-16986 … - Apache Struts Vulnerability in ClearPass Policy Manager 24 août 2018
The Apache Struts group announced Struts version 2.3.35 on August 22, 2018.
Included in this update is a fix for one security vulnerability. Aruba ClearPass includes Apache Struts 2.3.34, but in a non-vulnerable configuration. - Linux Kernel Vulnerabilities in ClearPass and AirWave 24 août 2018
Two Linux kernel vulnerabilities, known as “SegmentSmack” and “FragmentSmack”, have been publicly disclosed. The Linux kernel used by Aruba ClearPass Policy Manager and Aruba AirWave is affected. Other Aruba products are not affected.
- Return Of Bleichenbacher’s Oracle Threat (ROBOT) 28 mars 2018
The cryptography library used by Aruba Instant provides a weak Bleichenbacher oracle when any TLS cipher suite using RSA key exchange is negotiated. An attacker may be able to recover private keys for X.509 certificates. This vulnerability is
referred to as “ROBOT.” - ClearPass Policy Manager Multiple Vulnerabilities 21 mars 2018
Aruba has released an update to ClearPass Policy Manager that addresses four security vulnerabilities.
- Unauthorized Memory Disclosure through CPU Side-Channel Attacks (“Meltdown” and “Spectre”) 4 janvier 2018
- WPA2 Key Reinstallation Vulnerabilities (CVE-2017-13077) 16 octobre 2017
Cisco
- Cisco Integrated Management Controller CLI Command Injection Vulnerability 19 juin 2019
A vulnerability in the CLI of Cisco Integrated Management Controller (IMC) could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient validation of user-supplied input at the CLI. An attacker could exploit this vulnerability by authenticating with the administrator password via the CLI of an affect … - Cisco Wide Area Application Services Software HTTPS Proxy Authentication Bypass Vulnerability 19 juin 2019
A vulnerability in the HTTPS proxy feature of Cisco Wide Area Application Services (WAAS) Software could allow an unauthenticated, remote attacker to use the Central Manager as an HTTPS proxy. The vulnerability is due to insufficient authentication of proxy connection requests. An attacker could exploit this vulnerability by sending a malicious HTTPS CONNECT message to the Central Manager. A … - Cisco TelePresence Endpoint Command Shell Injection Vulnerability 19 juin 2019
A vulnerability in the Cisco Discovery Protocol (CDP) implementation for the Cisco TelePresence Codec (TC) and Collaboration Endpoint (CE) Software could allow an unauthenticated, adjacent attacker to inject arbitrary shell commands that are executed by the device. The vulnerability is due to insufficient input validation of received CDP packets. An attacker could exploit this vulnerability by sen … - Cisco StarOS Denial of Service Vulnerability 19 juin 2019
A vulnerability in the internal packet-processing functionality of the Cisco StarOS operating system running on virtual platforms could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service (DoS) condition. The vulnerability is due to a logic error that may occur under specific traffic conditions. An attacker could exploi … - Cisco SD-WAN Solution Privilege Escalation Vulnerability 19 juin 2019
A vulnerability in the vManage web-based UI (Web UI) of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to gain elevated privileges on an affected vManage device. The vulnerability is due to a failure to properly authorize certain user actions in the device configuration. An attacker could exploit this vulnerability by logging in to the vManage Web UI and sending crafted HT … - Cisco SD-WAN Solution Privilege Escalation Vulnerability 19 juin 2019
A vulnerability in the CLI of Cisco SD-WAN Solution could allow an authenticated, local attacker to elevate lower-level privileges to the root user on an affected device. The vulnerability is due to insufficient authorization enforcement. An attacker could exploit this vulnerability by authenticating to the targeted device and executing commands that could lead to elevated privileges. A successful … - Cisco SD-WAN Solution Command Injection Vulnerability 19 juin 2019
A vulnerability in the vManage web-based UI (Web UI) in the Cisco SD-WAN Solution could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by authenticating to the device and submitting crafted input to the vManage Web UI. A successful ex … - Cisco RV110W, RV130W, and RV215W Routers Management Interface Denial of Service Vulnerability 19 juin 2019
A vulnerability in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router could allow an unauthenticated, remote attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. This vulnerability is due to improper validation of user-s … - Cisco RV110W, RV130W, and RV215W Routers Information Disclosure Vulnerability 19 juin 2019
A vulnerability in the web interface of Cisco RV110W, RV130W, and RV215W Routers could allow an unauthenticated, remote attacker to acquire the list of devices that are connected to the guest network. The vulnerability is due to improper authorization of an HTTP request. An attacker could exploit this vulnerability by accessing a specific URI on the web interface of the router. There are no w … - Cisco RV110W, RV130W, and RV215W Routers Unauthenticated syslog File Access Vulnerability 19 juin 2019
A vulnerability in the web-based management interface of Cisco RV110W, RV130W, and RV215W Routers could allow an unauthenticated, remote attacker to access the syslog file on an affected device. The vulnerability is due to improper authorization of an HTTP request. An attacker could exploit this vulnerability by accessing the URL for the syslog file. A successful exploit could allow the attac …
Google Online Security Blog