Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Network Security

FireEye Fixes Security Vulnerabilities in FireEye Operating System (FEOS)

FireEye Operating System (FEOS) updates that address a series of security vulnerabilities have been released for several products, FireEye announced on Tuesday.

FireEye Operating System (FEOS) updates that address a series of security vulnerabilities have been released for several products, FireEye announced on Tuesday.

The updates fix flaws in FEOS NX, EX, AX, FX and CM. The company advises customers to upgrade their installations to NX 7.1.1.222846, EX 7.1.1.222846, AX 7.1.0.223064, FX 7.1.0.224362 and CM 7.1.1.222846, versions that have been released on June 12, except for FX, which was made available on June 30. FireEye points out the fact that the 7.1.2 special version of CM does not contain all the fixes, which is why users should upgrade to version 7.2.0 or above.

These new versions address a total of five OpenSSL vulnerabilities that were disclosed by the OpenSSL Project on June 5. The most critical of these security holes (CVE-2014-0224) could have been exploited to decrypt traffic through man-in-the-middle (MitM) attacks. FireEye believes that its products are only affected by this particular flaw, but fixes have been implemented for the other issues as a precaution.

Silent Signal has been credited for reporting an “important” severity post-authentication command injection vulnerability in the command-line interface of the FEOS.

“An attacker could issue a special sequence of commands that would allow them to execute arbitrary shell commands in the underlying operating system of the appliance. To take advantage of this vulnerability, an attacker must be able to communicate with the SSH management interface of the appliance AND have valid login credentials, or the attacker must have physical access to the console interfaces of the appliance,” FireEye explained in its advisory.

Other FEOS flaws patched by FireEye include command and SQL injections in the Web user interface, cross-site scripting (XSS), cross-site request forgery (CSRF), and file system read and write issues. The company says it has also updated insecure third-party libraries, made some adjustments to make sure processes are not executed with privileges that are higher than necessary, and ensured that some internal services are not unnecessarily exposed via TCP/IP.

 These problems were uncovered by an independent external vulnerability assessment company and they could have only been exploited by an attacker with access to the management interface.  There’s no evidence that these bugs have been exploited in the wild, FireEye said. Except for the OpenSSL issues, no CVE identifiers have been assigned to the vulnerabilities.

 

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Expert Insights

Related Content

Cyberwarfare

Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Network Security

NSA publishes guidance to help system administrators identify and mitigate cyber risks associated with transitioning to IPv6.

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

IoT Security

Lexmark warns of a remote code execution (RCE) vulnerability impacting over 120 printer models, for which PoC code has been published.

Application Security

Drupal released updates that resolve four vulnerabilities in Drupal core and three plugins.

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.

Email Security

Microsoft is urging customers to install the latest Exchange Server updates and harden their environments to prevent malicious attacks.