Vulnerability in Plug-and-Play Protocol Puts ...

Network Computing Dark Reading

Advertise

About Us

Newest First | Oldest First | Threaded View

[close this box]

tdsan,
User Rank: Ninja
6/11/2020 | 12:17:08 PM

Interesting article, but this is a mute point since most of the devices are behind FWs

With PoC code now available, an attacker could easily scan for and collect a list of vulnerable devices that are publicly accessible.

From my understanding, most of the printers are behind firewalls; however, if there is lateral/horizontal movement, the end-user or admin has bigger problems that need to be addressed (per the statement made by the speaker). In certain instances, I can see where certain cameras might be affected because they are connected directly to the internet (traffic cameras) and some of their IP Addresses are made public, but I am not sure how many IOT devices are connected directly to the internet. There is a site on the web that indicates a number of devices connected directly to the internet but that is part of another conversation - https://www.shodan.io/explore

I do see limitations in the statements made but it is possible, we just need to remain vigilant. A possible remidy would be to connect using SHA Hash 256 to the OS because the system could determine if the hash was found on the network or a token process where a PIN is used (a number of printers have this capability but most people don't use it).

Todd

Reply | Post Message | Messages List | Start a Board

Editors' Choice

I Smell a RAT! New Cybersecurity Threats for the Crypto Industry

David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP, 7/9/2021

Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours

Robert Lemos, Contributing Writer, 7/7/2021

It's in the Game (but It Shouldn't Be)

Tal Memran, Cybersecurity Expert, CYE, 7/9/2021

Live Events

Webinars

SecTor - Canada's IT Security Conference Oct 1-6 - Learn More

Black Hat USA - August 6-11 - Learn More

More Informa Tech Live Events

White Papers

Five Best Practices for AWS Security Monitoring

Sumo Logic for Continuous Intelligence

Gartner, Quick Answer: How Can Organizations Use DNS to Improve Their Security Posture?

The Many Risks of Modern Application Development

Endpoint Detection Net Suite Use Cases

More White Papers

Cartoon

Latest Comment: I've heard of people walking right out the front door with entire servers...

Cartoon Archive

Current Issue

Improving Enterprise Cybersecurity With XDR

Enterprises are looking at eXtended Detection and Response technologies to improve their abilities to detect, and respond to, threats. While endpoint detection and response is not new to enterprise security, organizations have to improve network visibility, expand data collection and expand threat hunting capabilites if they want their XDR deployments to succeed. This issue of Tech Insights also includes: a market overview for XDR from Omdia, questions to ask before deploying XDR, and an XDR primer.

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

Incident Readiness and Building Response Playbook

In this special report, learn the Xs and Os of any good security incident readiness and response playbook.

Download Now!

Battle for the Endpoint

0 comments

How Enterprises are Developing Secure Applications

0 comments

Assessing Cybersecurity Risk in Today's Enterprises

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2013-4146
PUBLISHED: 2022-06-30

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-3414. Reason: This candidate is a duplicate of CVE-2012-3414. Notes: All CVE users should reference CVE-2012-3414 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental u...

CVE-2013-4170
PUBLISHED: 2022-06-30

In general, Ember.js escapes or strips any user-supplied content before inserting it in strings that will be sent to innerHTML. However, the `tagName` property of an `Ember.View` was inserted into such a string without being sanitized. This means that if an application assigns a view's `tagName` to ...

CVE-2021-41506
PUBLISHED: 2022-06-30

Xiaongmai AHB7008T-MH-V2, AHB7804R-ELS, AHB7804R-MH-V2, AHB7808R-MS-V2, AHB7808R-MS, AHB7808T-MS-V2, AHB7804R-LMS, HI3518_50H10L_S39 V4.02.R11.7601.Nat.Onvif.20170420, V4.02.R11.Nat.Onvif.20160422, V4.02.R11.7601.Nat.Onvif.20170424, V4.02.R11.Nat.Onvif.20170327, V4.02.R11.Nat.Onvif.20161205, V4.02.R...

CVE-2022-1852
PUBLISHED: 2022-06-30

A NULL pointer dereference flaw was found in the Linux kernelâ€™s KVM module, which can lead to a denial of service in the x86_emulate_insn in arch/x86/kvm/emulate.c. This flaw occurs while executing an illegal instruction in guest in the Intel CPU.

CVE-2022-2078
PUBLISHED: 2022-06-30

A vulnerability was found in the Linux kernel's nft_set_desc_concat_parse() function .This flaw allows an attacker to trigger a buffer overflow via nft_set_desc_concat_parse() , causing a denial of service and possibly to run code.

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]