It was just published that a flaw in Cisco firewalls could allow remote attackers to execute code.
As reported by Security Affairs: “The Cisco ASA Adaptive Security Appliance is an IP router that acts as an application-aware firewall, network antivirus, intrusion prevention system, and virtual private network (VPN) server.”
As the above article notes, this is not the first time major critical infrastructure has been found to be vulnerable. Just last December, it was revealed that unauthorized code (a backdoor) was discovered in Juniper NetScreen firewalls that “would allow attackers, if they had ample resources and skills, to separately decrypt encrypted traffic running through the Virtual Private Network, or VPN, on the firewalls.” Some speculated that it may have been the work of foreign (possibly Chinese or Russian) agents who managed to get the code embedded, while others speculated it could have been the NSA.
Then, a short time later in January, hard-coded passwords were discovered for “FortiOS operating system, deployed on Fortinet’s FortiGate firewall networking equipment.”
As reported by hackernews, “Anyone with ‘Fortimanager_Access’ username and a hashed version of the password string, which is hard coded into the firewall, can login into Fortinet’s FortiGate firewall networking equipment.”
As all these instances teach us, no solutions provider is perfect, and these types of backdoors can apparently be found even among the best vendors.
Over the past year or two we’ve seen that the perimeter has become porous with cloud apps and BYOD; now it seems even the front door isn’t safe.
All the more reason to lock down your data.