Pwn2Own: IoT Inspector Research Lab uncovers vulnerabilities in Cisco router

At this year’s Pwn2Own competition, our team from the IoT Inspector Research Lab successfully identified three previously unknown vulnerabilities in the Cisco RV340 router, thereby gaining control over the device (remote code execution via authorization bypass and command injection).  

By exploiting these vulnerabilities, attackers could, for example, gain access to corporate networks and spy on sensitive data. This popular business router is used by thousands of companies all over the world.

All details will be published after the standardized 90-day disclosure period, during which the manufacturer has the opportunity to fix the vulnerabilities. 

Big up to the IoT Inspector Research Lab for their great success! 

Internationally renowned competition 

Pwn2Own is one of the most renowned hacker competitions in the world. It is organized by the Zero Day Initiative and has been held bi-annually since 2007.  

Participants are invited to uncover new vulnerabilities in common software and wireless devices. For this year’s event, 22 participants submitted 58 hacks – more than ever before. Many manufacturers cooperate with the renowned hack event and voluntarily put their devices up for attacks to improve the security of their products. 

Picture Credit: zerodayinitiative.com

About ONEKEY

ONEKEY is the leading European specialist in Product Cybersecurity & Compliance Management and part of the investment portfolio of PricewaterhouseCoopers Germany (PwC). The unique combination of an automated Product Cybersecurity & Compliance Platform (PCCP) with expert knowledge and consulting services provides fast and comprehensive analysis, support, and management to improve product cybersecurity and compliance from product purchasing, design, development, production to end-of-life.

Critical vulnerabilities and compliance violations in device firmware are automatically identified in binary code by AI-based technology in minutes – without source code, device, or network access. Proactively audit software supply chains with integrated software bill of materials (SBOM) generation. “Digital Cyber Twins” enable automated 24/7 post-release cybersecurity monitoring throughout the product lifecycle.

The patent-pending, integrated Compliance Wizard™ already covers the upcoming EU Cyber Resilience Act (CRA) and existing requirements according to IEC 62443-4-2, ETSI EN 303 645, UNECE R 155 and many others.

The Product Security Incident Response Team (PSIRT) is effectively supported by the integrated automatic prioritisation of vulnerabilities, significantly reducing the time to remediation.

Leading international companies in Asia, Europe and the Americas already benefit from the ONEKEY Product Cybersecurity & Compliance Platform and ONEKEY Cybersecurity Experts.

CONTACT:

Sara Fortmann

Marketing Manager

sara.fortmann@onekey.com

euromarcom public relations GmbH

+49 611 973 150

team@euromarcom.de