Monday, March 8, 2021
  • Setup menu at Appearance » Menus and assign menu to Top Bar Navigation
Advertisement
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
No Result
View All Result
Home Internet Security

CUJO Smart Firewall vulnerabilities exposed home networks to critical attacks

March 21, 2019
in Internet Security
CUJO Smart Firewall vulnerabilities exposed home networks to critical attacks
586
SHARES
3.3k
VIEWS
Share on FacebookShare on Twitter

Data breach leaves hundreds of POS units infected with malware
Nearly 140 bars, restaurants, and coffee shops all over the US have had POS systems infected with malware.

Security researchers have uncovered a swathe of serious vulnerabilities in a firewall system developed by CUJO which has been designed to prevent cyberattackers from infiltrating home networks.

You might also like

eSafety defends detail of Online Safety Bill as the ‘sausage that’s being made’

Maza Russian cybercriminal forum suffers data breach

Okta and Auth0: A $6.5 billion bet that identity will warrant its own cloud

The vulnerabilities were discovered by Claudio Bozzato from the Cisco Talos cybersecurity team.

On Tuesday, the organization published an in-depth examination of the security flaws, which included critical remote code execution bugs.

CUJO’s Smart Firewall is a device which proclaims protection from malware, viruses, and hacking attempts by way of an intelligent home firewall. However, according to Cisco Talos, the device contained flaws which were severe enough to enable cyberattackers to bypass safe browsing functions and fully hijack the product at will.

There are two main ways that hackers were able to compromise CUJO — through the execution of arbitrary code in the context of a root user, or by uploading and executing unsigned kernels on affected systems. 

By combining bugs into one of two chains, attackers are also able to remotely execute code without any form of authentication.

The first chain relates to a vulnerability in the Webroot BrightCloud SDK, CVE-2018-4012, which is used by CUJO to retrieve website trust and reputation information as part of the firm’s safe browsing protection.

The bug is present in the SDK which uses HTTP — rather than an encrypted channel — to communicate with remote BrightCloud services. Should an attacker choose to intercept this traffic with a basic Man-in-The-Middle (MiTM) attack, it is what Talos describes as a “trivial” task to impersonate the BrightCloud service and execute code on the device as the root user.

CVE-2018-4031 is another security flaw impacting the safe browsing element of CUJA software. The product uses the Lunatik Lua engine to analyze network traffic, but a script injection vulnerability present in the engine allows any user, without authentication, to execute Lua scripts in the kernel.

However, as an unsafe load function is also in play, the bug can also be used to execute arbitrary code and force CUJO to extract and analyze arbitrary hostnames.

See also: Facebook debuts AI tool to tackle revenge porn

“A malicious website could chain both vulnerabilities together in order to force any client machine in CUJO’s network to perform a POST request via JavaScript, triggering the Lua injection and effectively executing code in the kernel,” the researchers added.

The vulnerabilities described can be chained with another security flaw, CVE-2018-3968, a boot bypass issue, to permanently hijack a CUJO device.

This security flaw is present in Das U-Boot’s Verified Boot loader. Versions 2013.07-rc1 to 2014.07-rc2 of the open-source software contain an issue which allows a boot to take place from legacy, unsigned images.

However, U-Boot is unmodifiable by design, and so CUJO cannot fix it — but the company can mitigate the problem by resolving its own bugs.

TechRepublic: How to prevent spear phishing attacks: 8 tips for your business

Two other vulnerabilities of note which have been disclosed are CVE-2018-3985 and CVE-2018-4003, both of which are code execution bugs in CUJO. While CUJO does constrain one of the processes involved which would force an attacker to escalate their privileges to utilize these flaws, if they manage to do so, this could result in arbitrary code execution on the local network.

In total, 11 security flaws were found in CUJO Smart Firewall version 7003 and reported by Cisco Talos. Static DHCP hostname command injection, record parsing errors, and denial-of-service (DoS) vulnerabilities were also disclosed.

The CUJO case serves as a reminder that if you are going to hang your hat on the promise of being a cybersecurity product, you should keep your own security practices up to par. One or two vulnerabilities may be easily forgiven — considering that every vendor in the world will eventually miss a bug or two — but this amount for a cybersecurity product seems excessive.

However, CUJO did respond to Cisco Talos’ findings quickly and has begun rolling out a system update to resolve the vulnerabilities. Users should check their devices and make sure that the latest update has been applied.

Update 14.43 GMT: CUJO acknowledged the device-specific vulnerabilities in the CUJO Smart Firewall firmware version 7003, which was discontinued in 2017.

“Our team is grateful to Cisco Talos for their research and reporting the found vulnerabilities to us,” CUJO said in a statement. “This is strengthening our solution from possible malicious behavior, and helps us to protect our users against advanced vulnerabilities of our discontinued firewall device. We are dedicated to our user security, and we want to reiterate that personally identifiable user data was not disclosed in any form.”

CNET: Facial recognition overkill: How deputies cracked a $12 shoplifting case

This is not the first time that CUJO has been connected to security problems. In January, failures in the CUJO API were revealed together with proof-of-concept (PoC) code which, if exploited, could result in the creation of new schedules, Internet connection tampering and DoS attacks against all devices connected to the system. 

Previous and related coverage

Credit: Source link

Previous Post

Decentralized Machine Learning (DML) 24-Hour Volume Hits $10,771.00

Next Post

Prediction of cardiovascular outcomes with machine learning techniques

Related Posts

Bill establishing cyber abuse takedown scheme for adults enters Parliament
Internet Security

eSafety defends detail of Online Safety Bill as the ‘sausage that’s being made’

March 8, 2021
Maza Russian cybercriminal forum suffers data breach
Internet Security

Maza Russian cybercriminal forum suffers data breach

March 7, 2021
Okta and Auth0: A $6.5 billion bet that identity will warrant its own cloud
Internet Security

Okta and Auth0: A $6.5 billion bet that identity will warrant its own cloud

March 7, 2021
CISA issues emergency directive to agencies: Deal with Microsoft Exchange zero-days now
Internet Security

CISA issues emergency directive to agencies: Deal with Microsoft Exchange zero-days now

March 7, 2021
Linux distributions: All the talent and hard work that goes into building a good one
Internet Security

Linux distributions: All the talent and hard work that goes into building a good one

March 7, 2021
Next Post
Prediction of cardiovascular outcomes with machine learning techniques

Prediction of cardiovascular outcomes with machine learning techniques

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

January 6, 2019
Microsoft, Google Use Artificial Intelligence to Fight Hackers

Microsoft, Google Use Artificial Intelligence to Fight Hackers

January 6, 2019

Categories

  • Artificial Intelligence
  • Big Data
  • Blockchain
  • Crypto News
  • Data Science
  • Digital Marketing
  • Internet Privacy
  • Internet Security
  • Learn to Code
  • Machine Learning
  • Marketing Technology
  • Neural Networks
  • Technology Companies

Don't miss it

Bill establishing cyber abuse takedown scheme for adults enters Parliament
Internet Security

eSafety defends detail of Online Safety Bill as the ‘sausage that’s being made’

March 8, 2021
An Easy Way to Solve Complex Optimization Problems in Machine Learning
Data Science

An Easy Way to Solve Complex Optimization Problems in Machine Learning

March 8, 2021
Machine Learning Patentability In 2019: 5 Cases Analyzed And Lessons Learned Part 4 – Intellectual Property
Machine Learning

Podcast: Non-Binding Guidance: FDA Regulatory Developments In AI And Machine Learning – Food, Drugs, Healthcare, Life Sciences

March 8, 2021
Here’s an adorable factory game about machine learning and cats
Machine Learning

Here’s an adorable factory game about machine learning and cats

March 8, 2021
How Machine Learning Is Changing Influencer Marketing
Machine Learning

How Machine Learning Is Changing Influencer Marketing

March 8, 2021
Video Highlights: Deep Learning for Probabilistic Time Series Forecasting
Machine Learning

Video Highlights: Deep Learning for Probabilistic Time Series Forecasting

March 7, 2021
NikolaNews

NikolaNews.com is an online News Portal which aims to share news about blockchain, AI, Big Data, and Data Privacy and more!

What’s New Here?

  • eSafety defends detail of Online Safety Bill as the ‘sausage that’s being made’ March 8, 2021
  • An Easy Way to Solve Complex Optimization Problems in Machine Learning March 8, 2021
  • Podcast: Non-Binding Guidance: FDA Regulatory Developments In AI And Machine Learning – Food, Drugs, Healthcare, Life Sciences March 8, 2021
  • Here’s an adorable factory game about machine learning and cats March 8, 2021

Subscribe to get more!

© 2019 NikolaNews.com - Global Tech Updates

No Result
View All Result
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News

© 2019 NikolaNews.com - Global Tech Updates