Warning: Detecting a very serious vulnerability in Cyberoam, a common firewall system in Vietnam

VSEC is broadcasting a warning about an extremely dangerous vulnerability with the code name CVE-2019-17059 on Cyberoam. According to experts, this gap is dangerous at 9/10 - almost the highest in the rating scale, which can greatly affect many Vietnamese businesses. This vulnerability was discovered on the version of CyberoamOS before 10.6.6 MR-6.

1. Warning: Jenkins exists a serious security hole that helps hackers gain control of computers of many Vietnamese businesses

Cyberoam is a firewall protecting website based on user authentication, supporting real-time protection of organizations and businesses against attacks and cyber security threats.

Warning: Detecting a very serious vulnerability in Cyberoam, a common firewall system in Vietnam Picture 1

Currently, more than 96,000 devices in the world use Cyberoam publicly. In Vietnam, Cyberoam devices are also used by many companies and banks for their security solutions.

To exploit this vulnerability, hackers will access and send packets containing exploit code to the web admin interface or SSL VPN Consoles (SSL VPN Consoles) to hijack the device. If successful, the bad guy can remotely execute unauthorized commands without providing a username and password.

The danger is that the bad guy will gain the highest level of access to allow any action on the victim's Cyberoam device, such as a deeper attack on the system, tracking all message data, turning off functions. protection, install backdoors into the intranet .

Warning: Detecting a very serious vulnerability in Cyberoam, a common firewall system in Vietnam Picture 2

As recommended by VSEC, Vietnamese organizations and businesses using Cyberoam should immediately implement the following measures to ensure safety.

1. Cyberoam needs to be updated immediately to the latest version.
2. When transmitting data, it is necessary to use encryption methods, including in internal networks.
3. Improve user awareness of information security.
4. In addition to firewall devices, it is necessary to simultaneously conduct security testing, evaluation and vulnerability scanning on open systems, applying world security standards such as OWASP, ISO 27008.