"Vendor Quickly Patches Serious Vulnerability in NATO-Approved Firewall"
A patch was released for a critical vulnerability found in a firewall appliance made by Genua, a Germany-based cybersecurity company. The firewall called Genugate is said to be the only firewall in the world to receive a "highly resistant" rating by the German government. According to Genua, its Genugate firewall is also classified as "NATO Restricted." Genua's products have been used by industrial, government, military, and other critical infrastructure organizations. SEC Consult recently revealed that the Genugate firewall is impacted by a critical authentication bypass vulnerability contained by its administration interfaces. Once a threat actor has gained access to an organization's network, they can use the vulnerability to log in to the firewall's administration panel as any user. If an attacker has full admin/root access rights within the admin web interface, they can reconfigure the entire firewall, including the firewall ruleset, email filtering configuration, web application firewall settings, proxy settings, and more. Attackers could modify the firewall's configuration to access otherwise unreachable systems or redirect company traffic to an attacker-controlled proxy server by exploiting this vulnerability. The highly critical security vulnerability seems to affect all versions of the Genugate firewall. This article continues to discuss the use of the Genugate firewall by critical infrastructure organizations, the critical authentication bypass vulnerability affecting the firewall, and what the abuse of this flaw could allow attackers to do.
Security Week reports "Vendor Quickly Patches Serious Vulnerability in NATO-Approved Firewall"