Blog
Share This Post
[ad_1]
Ongoing attacks leveraging a trio of zero-day flaws impacting I-O Data routers were disclosed by the Japanese computer peripheral products manufacturer, reports SecurityWeek.
Most severe of the vulnerabilities is the undocumented features inclusion issue, tracked as CVE-2024-52564, which could be exploited to facilitate remote firewall deactivation, device setting manipulation, and arbitrary OS command execution, according to Japan’s Computer Emergency Response Team Coordination Center. Also exploited are the CVE-2024-47133 and CVE-2024-45841 flaws, which could be abused to execute arbitrary OS commands with escalated privileges and allow potential authentication data compromise, respectively. Additional details regarding the zero-day exploits, which were disclosed by National Institute of Information and Communications Technology and 00One, Inc. researchers, have not been provided and while I-O Data has already resolved CVE-2024-52564 with an update to version 2.1.9 of the router, it is expected to release fixes for the two remaining bugs on Dec. 18 at the earliest.
Get essential knowledge and practical strategies to fortify your network security.
[ad_2]
Source link
Subscribe To Our Newsletter
Get updates and learn from the best
More To Explore
US Charges Five People Over North Korean IT Worker Scheme
[ad_1] The US has announced charges against five individuals involved in a fake IT workers scheme to funnel funds to
In Other News: VPN Supply Chain Attack, PayPal $2M Settlement, RAT Builder Hacks Script Kiddies
[ad_1] Noteworthy stories that might have slipped under the radar: Korean VPN supply chain attack, PayPal settles with New York
