Check Point® Software Technologies Ltd. (Nasdaq: CHKP), the worldwide leader in securing the Internet, today announced that its Security Research Group has discovered vulnerabilities in the Admin WebUI portals of three network security vendors. If targeted and exploited, these vulnerabilities would give hackers administrative control over the vendors’ security gateways, potentially leaving business networks exposed to attacks. In the wake of the recent ShellShock WebUI vulnerability, these additional vulnerabilities further increase exposure for certain security vendors.
“Check Point shared its findings with the affected vendors as part of its duty for responsible disclosure of vulnerabilities,” said Oded Vanunu, security research group manager at Check Point Software Technologies. “Check Point is committed to ensuring the security of all organizations. As such, we are obligated to raise awareness of the vulnerabilities that can affect Admin WebUI portals. We strongly recommend that organizations using WebUI check with their vendors to ensure that they are not exposed to the uncovered vulnerabilities.”
The vulnerabilities were discovered using a combination of cross-site scripting (XSS), cross-site request forgery (CSRF) and phishing attacks. To mitigate the risk of Admin WebUI exploits, Check Point strongly recommends that organizations using security products with a WebUI portal implement the following best practices:
- Use a dedicated web browser to manage the WebUI of security devices. Do not use this browser to open and use links from incoming emails, no matter how plausible the email seems to be.
- Use a dedicated management network (physical or logical) that is separate from the users’ Local Area Network (LAN).
- Use a dedicated server that is connected only to the security devices and has no connection to the public Internet. This dedicated server can be managed remotely via a terminal server or VPN connection using strong, two-factor authentication.
“The WebUI approach introduces multiple attack vectors and our research has shown 21 of 23 network security vendors use a WebUI to manage their product security configuration,” concluded Vanunu.
Check Point’s Malware and Security Research Groups regularly perform assessments of common security products to ensure the security of Internet users worldwide. For more information on other research and vulnerability findings from Check Point, visit: /advisories/3rd-party-security-vulnerabilities-advisories/.