Data BreachInformation Security News

Sophos fixed vulnerabilities on its Cyberoam Firewall Device

A vulnerability has been detected by a security researcher on the Sophos Cyberoam firewall device that has reported the necessary patches.

This flaw could potentially be exploited by a hacker to access the internal network of a company without the need for a password. Such a flaw has also been previously identified on private virtual networks owned by a few vendors such as Palo Alto Networks, Pulse Secure, and Fortinet.

Big companies like Uber and Twitter are among the victims of attacks from this type of loophole, forcing Homeland Security to issue warning notices. The researcher believes that a hacker could exploit this vulnerability by using an IP address of a device. For that, it is enough for him to go on search engines like Shodan.

Image via Sophos

Sophos said it made corrections on September 30 on 99% of devices on display. The rest could not be processed because users turned off the automatic update feature. She also said patches will be available on her CyberoamOS operating system in the coming days.

The Cyberoam device is used by large companies. It serves primarily as a gateway to facilitate network access to users in a secure manner. It also has a virtual private network, or VPN, which allows employees to connect from another place than the local business.

Show More

Related Articles

Back to top button