And some 800,000 installations facing the internet, patches are available Zyxel storage, firewall, VPN, security boxes have a give-anyone-on-the-internet-root hole: Patch right now
A critical vulnerability in a SonicWall enterprise VPN firewall can be exploited to crash the device or remotely execute code on it, reverse engineers said this week. The stack-based buffer overflow (CVE-2020-5135) uncovered by infosec outfit Tripwire can be triggered by an “unauthenticated HTTP request involving a custom protocol handler” – and, most worryingly, could have been deployed by an “unskilled attacker.” The biz said about 800,000 devices were discoverable through device sea...