11 vulnerabilities found in CUJO firewall

News by Robert Abel

Cisco Talos found 11 vulnerabilities in the CUJO Smart Firewall platform which could allow an attacker to take control of a device by executing arbitrary code or uploading & executing unsigned kernels on affected systems.

Cisco Talos researchers discovered 11 vulnerabilities in the CUJO Smart Firewall platform which could allow an attacker to ultimately take control of a device by either executing arbitrary code or by uploading and executing unsigned kernels on affected systems.

Researchers found the Firewall was vulnerable to remote code execution, local code execution, smartphone app code execution, device-local verified boot bypass, and safe browsing bypass, attacks, according to a March 19 blog post.

Researchers identified two chains that could be used to execute code remotely without authentication, one of which exploits a vulnerability in the Webroot BrightCloud SDK while the other uses the Lunatik Lua engine in order to execute Lua scripts from within the kernel context.

CUJO AI has provided a system update to resolve these issues and these devices and researchers recommend affected users confirm their devices have been updated as soon as possible to ensure that the devices are no longer affected by these vulnerabilities.

This article was originally published on SC Media US.

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews