Summary
Threat actors are conducting mass exploitation of a critical hard-coded credential flaw (CVE-2024-9643) in Four-Faith industrial routers to build botnets and gain footholds in corporate networks.
Take Action:
Make sure all your Four-Faith industrial routers are isolated from the internet and only accessible from trusted networks. Then immediately update to the latest firmware to patch CVE-2024-9643, and disable the web management interface on any public-facing ports.
Read the full article on BeyondMachines
This article was originally published on BeyondMachines
Top comments (0)