Microsoft Finds New NETGEAR Firmware Vulnerabilities

Microsoft Finds New NETGEAR Firmware Vulnerabilities

The team discovered the flaws in NETGEAR DGN-2200v1 series routers while they were conducting an investigation on device fingerprinting. The researchers warned that exploitation of these vulnerabilities could result in identity theft and full system compromise.


Tracked as PSV-2020-0363, PSV-2020-0364, and PSV-2020-0365, they range in CVSS rating from high (7.4) to critical (9.4). Microsoft reported the discovery to NETGEAR, which has released a security advisory patching the flaws.


According to Microsoft’s Jonathan Bar Or, exploits for these firmware vulnerabilities can compromise a network’s security, making way for threat actors to roam free through an entire organization.



We noticed a very odd behavior: a device owned by a non-IT personnel was trying to access a NETGEAR DGN-2200v1 router’s management port. The communication was flagged as anomalous by machine learning models, but the communication itself was TLS-encrypted and private to protect customer privacy, so we decided to focus on the router and investigate whether it exhibited security weaknesses that can be exploited in a possible attack scenario.



Source


As Security Week reported, the team managed to document side-channel attack scenarios and authentication bypass exploits that allowed the retrieval of secrets stored in the NETGEAR routers.


“Routers are integral to networking, so it is important to secure the programs supporting its functions”, Bar Or added.


The researchers performed ..

Support the originator by clicking the read the rest link below.