March 8, 2021

TerabitWeb Blog

Fascinating Technology and Security Information

11 security patches released in CUJO Smart Firewall platform

1 min read

Original Post from SC Magazine
Author: Robert Abel

Cisco Talos researchers discovered 11 vulnerabilities in the CUJO Smart Firewall platform which could allow an attacker to ultimately take control of a device by either executing arbitrary code or by uploading and executing unsigned kernels on affected systems.

Researchers found the Firewall was vulnerable to remote code execution, local code execution, smartphone app code execution, device-local verified boot bypass, and safe browsing bypass, attacks, according to a March 19 blog post.

Researchers identified two chains that could be used to execute code remotely without authentication, one of which exploits a  vulnerability in the Webroot BrightCloud SDK while the other uses the Lunatik Lua engine in order to execute Lua scripts from within the kernel context.

CUJO AI has provided a system update to resolve these issues and these devices and researchers recommend affected users confirm their devices have been updated as soon as possible to ensure that the devices are no longer affected by these vulnerabilities.

The post 11 security patches released in CUJO Smart Firewall platform appeared first on SC Media.


Go to Source
Author: Robert Abel

Copyright © All rights reserved. | Newsphere by AF themes.