Security vulnerabilities are part of our day-to-day world. Patching equipment will always mitigate risks. Below we keep track of the big ones for our vendors.
October 12, 2020
A buffer overflow vulnerability in SonicOS allows a remote attacker to cause Denial of Service (DoS) and potentially execute arbitrary code by sending a malicious request to the firewall. This vulnerability affected SonicOS Gen 6 versions 126.96.36.199, 188.8.131.52, 184.108.40.206 and SonicOSv 6.5.4.v.
September 28, 2020
An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC). An attacker who successfully exploited the vulnerability could run a specially crafted application on a device on the network.
To exploit the vulnerability, an unauthenticated attacker would be required to use MS-NRPC to connect to a domain controller to obtain domain administrator access.