18 August 2016

Secret services are after vulnerabilities in hardware

Just last Friday we wrote about a remote code execution vulnerability in D-Link routers affecting 11 device models.

The recent hack of the Equation Group (closely connected with the NSA) made public information about exploits against networking equipment manufactured by the biggest US vendors: Cisco, Juniper and Fortinet.

Today alone we have issued several security bulletins describing two zero-day vulnerabilities in Cisco ASA appliances (CVE-2016-6366, CVE-2016-6367), remote code execution in FortiOS (SB2016081801) and a very inconvenient issue with a default public SSH key in VMware Photon OS (CVE-2016-5332).

Cisco has confirmed the EXTRABACON and EPICBANANA exploits; there is no information yet from the other vendors. Fortinet has made no official statement and has only released an advisory describing a remote code execution vulnerability in FortiOS. Whether this issue is connected with the leak is unknown.

Earlier this year Juniper had to deal with a backdoor in the ScreenOS source code, which had been present in its security products since at least 2009.

Clearly, such interest in vulnerabilities in networking equipment is due to the lack of protection mechanisms on these devices. While workstations and servers are updated frequently and equipped with firewalls and antivirus software, the devices intended to provide basic perimeter protection fall behind. The firmware update process for the majority of networking equipment is complicated and often requires additional effort from IT staff or can cause an outage.

The situation with vulnerabilities in hardware is very disturbing. Devices that are supposed to provide at least the most basic level of protection for your network assets can be compromised as easily as any other host. It is no longer safe to rely on just one device from one vendor, and even a dozen firewalls is no guarantee that none of them has a faulty implementation of some networking protocol.

In any case, we suggest at least limiting access to services that face the Internet directly. You can use our free online vulnerability scanner to check for publicly open ports and the presence of vulnerable software on your systems.
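Before relying on an external scan, it helps to know from the inside which services a host actually exposes. The following script is an added example, not part of this post and not the scanner mentioned above: it parses output in the layout of `ss -tlnp` (the sample lines are constructed, not captured from a real host) and reports every listening socket bound to a wildcard or non-loopback address whose port is not on an explicit allowlist of intentionally public services. Anything it reports is a candidate for firewalling off, binding to a management interface, or disabling.

```python
"""
Inventory of listening sockets reachable from other hosts.

Added example: parse `ss -tlnp`-style output and flag listeners that are
bound to a wildcard or interface address and are not on the allowlist of
ports that are meant to be public. Sample data below is constructed.
"""
import ipaddress
import re

# Constructed sample in the layout of `ss -tlnp`; not captured from a real system.
SAMPLE_SS_OUTPUT = """\
State  Recv-Q Send-Q Local Address:Port  Peer Address:Port Process
LISTEN 0      128    0.0.0.0:22          0.0.0.0:*         users:(("sshd",pid=812,fd=3))
LISTEN 0      128    127.0.0.1:8080      0.0.0.0:*         users:(("python3",pid=1021,fd=5))
LISTEN 0      511    *:443               *:*               users:(("nginx",pid=640,fd=6))
LISTEN 0      128    [::]:22             [::]:*            users:(("sshd",pid=812,fd=4))
LISTEN 0      128    10.0.0.5:161        0.0.0.0:*         users:(("snmpd",pid=900,fd=8))
"""

# Extracts the first process name from the ss "users:((...))" column.
_PROCESS_RE = re.compile(r'users:\(\("([^"]+)"')


def classify_address(addr: str) -> str:
    """Return 'wildcard', 'loopback' or 'interface' for the address part of a socket."""
    addr = addr.strip("[]")          # IPv6 addresses are printed as [::] or [::1]
    if addr == "*":
        return "wildcard"
    ip = ipaddress.ip_address(addr)
    if ip.is_unspecified:            # 0.0.0.0 or :: -> reachable on every interface
        return "wildcard"
    if ip.is_loopback:               # 127.x / ::1 -> local processes only
        return "loopback"
    return "interface"               # bound to one specific, possibly public, address


def parse_listeners(ss_output: str) -> list[dict]:
    """Parse LISTEN lines into dicts with address, port, scope and owning process."""
    listeners = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue                 # header line or a non-listening socket
        addr, port = fields[3].rsplit(":", 1)
        if not port.isdigit():
            continue                 # defensive: skip malformed or wildcard ports
        match = _PROCESS_RE.search(line)
        listeners.append({
            "address": addr,
            "port": int(port),
            "scope": classify_address(addr),
            "process": match.group(1) if match else "?",
        })
    return listeners


def exposed_listeners(ss_output: str, allowed_public: set[int]) -> list[dict]:
    """Listeners other hosts can reach whose port is not explicitly allowed."""
    return [
        entry for entry in parse_listeners(ss_output)
        if entry["scope"] != "loopback" and entry["port"] not in allowed_public
    ]


if __name__ == "__main__":
    # Only HTTPS is meant to be public on this constructed host.
    for entry in exposed_listeners(SAMPLE_SS_OUTPUT, allowed_public={443}):
        print(f"port {entry['port']:>5}  {entry['address']:<12} "
              f"{entry['scope']:<9} {entry['process']}")
```

Run it against real output with `ss -tlnp | python3 inventory.py` after replacing the sample constant with `sys.stdin.read()`; the allowlist should be the set of ports your perimeter policy deliberately publishes, so that management services such as SSH or SNMP bound to all interfaces stand out.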
