Netgear urges customers to update their router firmware following the discovery and patching of two critical vulnerabilities. The vulnerabilities, affecting multiple router models, highlight the growing importance of securing edge devices, which are increasingly targeted by attackers. Simultaneously, national cybersecurity agencies issue a joint advisory emphasizing the need for robust security measures on edge devices such as routers, WAPs, and smart home cameras.
Netgear is urging customers to update their router firmware after discovering and patching two critical vulnerabilities. While the company hasn't divulged specifics about the vulnerabilities, including whether they've been exploited, it emphasizes that failing to update exposes devices to continued risk. The vulnerabilities, a 9.6-scored authentication bypass bug (CVE-2024-0117) and a 9.
8-scored unauthenticated remote code execution (RCE) flaw, affect several router models, including two that have reached end of life (EOL): the WAX206 and WAX220, as well as the currently supported WAX214v2. The RCE flaw specifically impacts routers within Netgear's Nighthawk gaming range, namely the XR100, XR1000v2, and XR500, which are still receiving product updates. This vulnerability disclosure coincides with a joint security advisory issued by numerous national cybersecurity agencies, including those from the US, UK, Canada, Australia, Czechia, and Japan. The advisory highlights the importance of securing edge devices, which encompass a wide range of internet-connected gadgets like routers, wireless access points (WAPs), VPN gateways, firewalls, NAS appliances, and smart home cameras. Exploitable edge devices can serve as entry points for attackers to infiltrate victim networks, potentially leading to data breaches or system compromise. While the agencies haven't explicitly linked the advisory to any recent incidents, it's speculated that the recent vulnerabilities disclosed by Ivanti, Fortinet, and now Netgear might have contributed to this heightened awareness.The joint advisory emphasizes the need for enhanced logging and forensic data gathering capabilities in edge devices to aid in post-intrusion investigation. Experts stress that securing edge devices is paramount, as they act as the first line of defense between an organization's internal network and the internet. Even unskilled attackers can exploit vulnerabilities in unsecured edge devices, potentially compromising sensitive data and critical services. The advisory outlines a series of mitigation strategies, including implementing strong passwords, disabling unnecessary services, and regularly updating firmware, as essential steps for network defenders to minimize risk. The shared emphasis on securing edge devices reflects a growing recognition of their critical role in the overall security posture of organizations
Netgear Router Vulnerabilities Cybersecurity Edge Devices Remote Code Execution Authentication Bypass Firmware Update National Cybersecurity Agencies
United Kingdom Latest News, United Kingdom Headlines
Similar News:You can also read news stories similar to this one that we have collected from other news sources.
Google Patches Critical Vulnerability in Android, Netgear Issues Urgent Security UpdatesGoogle releases February Android security updates addressing a high-severity kernel-level vulnerability potentially exploitable through malicious USB hardware. Netgear issues critical security fixes for unauthenticated remote code execution and authentication bypass vulnerabilities affecting multiple router models.
Read more »
Oracle Patches Critical Vulnerabilities in Multiple ProductsOracle has released a comprehensive set of security patches addressing critical vulnerabilities in its wide range of products, including Agile PLM Framework, Oracle Communications, Oracle Analytics, Oracle Hospitality Applications, JD Edwards, MySQL, and PeopleSoft.
Read more »
Apple Patches Zero-Day Security Hole in iOS, macOS, and MoreApple has released security updates to address a zero-day vulnerability (CVE-2025-24085) affecting iPhones, iPads, macOS, and other Apple devices. The vulnerability, related to CoreMedia's memory management, could allow malicious apps to gain system control. Apple acknowledges that the bug has been actively exploited, urging users to update their devices promptly.
Read more »
The Sims 1 + 2 Legacy Patches Aim to Fix Launching Issues, But at What Cost?EA has released a new patch for The Sims 1 + 2 Legacy, addressing numerous issues including launch failures, resolution problems, and crashes. However, the patch raises concerns about the basic nature of these re-releases and whether the price justifies the lack of polish.
Read more »
Amazon's 24k gold eye patches cut to £6.74 in flash saleUsers say the eye patches help to reduce puffiness while 'tightening' the eye area
Read more »
Cyberpunk 2077 Patches Phantom Liberty Bug, Adds DLSS 4 SupportCD Projekt Red releases a new patch for Cyberpunk 2077, addressing a frustrating bug in the Phantom Liberty expansion and introducing performance enhancements.
Read more »