![]() ![]() SOHO routers misconfigured by defaultĪs the patch is publicly available, we are free to talk about the vulnerability and its impact. Unfortunately for the Tenable team, one of the most crucial vulnerabilities in our attack chain was patched by NETGEAR the day before the Pwn2Own registration deadline. ![]() While teams and individuals spend weeks researching and collecting their zero days, vendors may release last minute patches that can thwart attack chains. The contest includes a special challenge, a small office/home office (SOHO) “smashup” to simulate a real world attack where an attacker would chain vulnerabilities in multiple devices in order to compromise a home network.īecause the targets chosen for the competition are widely used, there’s a much higher chance that security researchers have already picked them apart and found compelling vulnerabilities. Pwn2Own complements ZDI’s broader purpose of collecting and reporting vulnerabilities to vendors, developing signatures for intrusion detection and thereby aiding defenders in reducing their exposure. Pwn2Own is a hacking competition where contestants are challenged with exploiting widely used software and devices using zero-day vulnerabilities. ![]() Tenable’s Zero Day Research Team began investigating NETGEAR’s Nighthawk router after reviewing the target list for the Zero Day Initiative’s (ZDI) Pwn2Own Toronto contest. Organizations need to manually apply firmware updates. Tenable Research has discovered a configuration issue impacting NETGEAR Nighthawk WiFi6 Routers commonly used in small offices and large homes. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |