• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
new kcodes netusb bug affect millions of routers from different

New KCodes NetUSB Bug Affect Millions of Routers from Different Vendors

You are here: Home / General Cyber Security News / New KCodes NetUSB Bug Affect Millions of Routers from Different Vendors
January 11, 2022

Cybersecurity scientists have detailed a high severity flaw in KCodes NetUSB part that’s integrated into thousands and thousands of close-user router products from Netgear and TP-Link, amongst many others.

KCodes NetUSB is a Linux kernel module that enables gadgets on a area network to offer USB-dependent products and services above IP. Printers, external really hard drives, and flash drives plugged into a Linux-primarily based embedded procedure (e.g., a router) are built offered by means of the network making use of the driver.

Automatic GitHub Backups

✔ Approved From Our Partners
AOMEI Backupper Lifetime

Protect and backup your data using AOMEI Backupper. AOMEI Backupper takes secure and encrypted backups from your Windows, hard drives or partitions. With AOMEI Backupper you will never be worried about loosing your data anymore.

Get AOMEI Backupper with 72% discount from an authorized distrinutor of AOMEI: SerialCart® (Limited Offer).

➤ Activate Your Coupon Code


CVE-2021-45608 (CVSS rating: 9.8), as the security flaw is tracked as, relates to a buffer overflow vulnerability that, if properly exploited, can permit attackers to execute code remotely in the kernel and perform destructive things to do of their selection, in accordance to a report shared by SentinelOne with The Hacker Information.

This is the most recent in a string of NetUSB vulnerabilities that has been patched in current yrs. In Might 2015, researchers from SEC Consult disclosed one more buffer overflow flaw (CVE-2015-3036) that could consequence in a denial-of-assistance (DoS) or code execution.

KCodes NetUSB Bug

Then in June 2019, Cisco Talos divulged information of two weaknesses in NetUSB (CVE-2019-5016 and CVE-2019-5017) that could enable an attacker to inappropriately drive pick out Netgear wi-fi routers into disclosing delicate information and even offering the attacker the skill to remotely execute code.

Prevent Data Breaches

Following liable disclosure to KCodes on September 20, 2021, the Taiwanese business issued a patch to all sellers on November 19, right after which Netgear launched firmware updates containing fixes for the vulnerability.

SentinelOne has refrained from releasing a proof-of-thought (PoC) code in gentle of the simple fact that other vendors are continue to in the procedure of transport updates. But the cybersecurity firm cautioned the risk of an exploit rising in the wild despite the specialized complexity concerned, creating it essential that consumers implement the fixes to mitigate any likely risk.

“Because this vulnerability is in a third-party element licensed to many router suppliers, the only way to deal with this is to update the firmware of your router, if an update is available,” researcher Max Van Amerongen mentioned. “It is significant to verify that your router is not an close-of-lifetime model as it is unlikely to get an update for this vulnerability.”

Identified this article intriguing? Stick to THN on Fb, Twitter  and LinkedIn to read through extra unique written content we write-up.


Some pieces of this posting are sourced from:
thehackernews.com

Previous Post: «Cyber Security News Cyber-Thieves Raid Grass Valley
Next Post: Millions of Routers Exposed by Bug in USB Module millions of routers exposed by bug in usb module»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • Enzo Biochem Hit by Ransomware, 2.5 Million Patients’ Data Compromised
  • US and Korean Agencies Issue Warning on North Korean Cyber-Attacks
  • Malicious PyPI Packages Use Compiled Python Code to Bypass Detection
  • New Botnet Malware ‘Horabot’ Targets Spanish-Speaking Users in Latin America
  • The Importance of Managing Your Data Security Posture
  • Camaro Dragon Strikes with New TinyNote Backdoor for Intelligence Gathering
  • Insurers Predict $33bn Bill for Catastrophic “Cyber Event”
  • Chinese Phishing Gang “PostalFurious” Expands Campaign
  • Kaspersky Says it is Being Targeted By Zero-Click Exploits
  • North Korea’s Kimsuky Group Mimics Key Figures in Targeted Cyber Attacks

Copyright © TheCyberSecurity.News, All Rights Reserved.