Owned by cyber security giant Sophos; the vulnerabilities were identified in the software of Cyberoam Technologies whose tagline is “Securing You.”
One doesn’t expect cybersecurity companies to be vulnerable since they’re supposed to protect us, right? But lately, it has been happening over and over again and even the most vigilant of enterprises are either being compromised or vulnerable to cyber-attacks.
Just recently, vpnMentor has released a new report detailing 2 vulnerabilities in an Indian based security company called Cyberoam.
Affecting the firm’s firewall and VPN technology; the first of these was discovered back in 2019 while the second earlier this year on 1 January due to a report by an anonymous ethical hacker with both of them affecting Cyberoam’s email quarantine system.
Start Streaming with IPVanish Now!
For the unacquainted, quarantine emails are those that are deemed to be potentially harmful and thereby are isolated in a separate folder in one’s email account temporarily before they are deleted. Potentially affected devices range from 70,000 – 170,000 with no definite number at the moment.
Root Command Execution(RCE) Vulnerability #1
Using this flaw, attackers could exploit this email quarantine system without knowing any login credentials for associated accounts. Moreover, if the attacker was successful, they could ultimately gain administrator privileges allowing them to control the victim’s device.
The consequence of this is that being a company whose solutions are used by large i ..
Support the originator by clicking the read the rest link below.
