Episode Details

This story was originally published on HackerNoon at: https://hackernoon.com/why-enterprise-security-appliances-keep-breaking-the-same-way.
Ivanti, Fortinet, Palo Alto, and Cisco keep shipping the same pre-auth bug on the same exposed surface. Why perimeter security appliances fail, and what to do.
Check more stories related to cybersecurity at: https://hackernoon.com/c/cybersecurity. You can also check exclusive content about #cybersecurity, #network-security, #vpn, #vulnerabilities, #infosec, #perimeter-security, #appliance-compromise, #hackernoon-top-story, and more.

This story was written by: @patchdayalert. Learn more about this writer by checking @patchdayalert's about page, and for more stories, please visit hackernoon.com.

Ivanti, Fortinet, Palo Alto, and Cisco keep shipping the same class of bug: memory-unsafe C on the unauthenticated, internet-facing path of their VPNs and firewalls, much of it ransomware-linked and slow to be disclosed. Patching the CVE often does not remove an attacker who already got in. The perimeter appliance is a structural liability, not a streak of bad luck, so treat it like one: shrink exposure, assume prior compromise when you patch an exposed device, make end-of-life a signed decision, and read these advisories as day-zero events.