SMB Edge Devices Receive Stern Asus, Zyxel Patch Warnings

Small and midsized businesses (SMBs) are facing significant security challenges as several major edge device vendors address critical security vulnerabilities. Asus and Zyxel have released patches to fix vulnerabilities in their router models, while Western Digital has taken the step of cutting off unpatched devices from the cloud.

Asus released new firmware on June 19 to address nine separate vulnerabilities in its router models. The most serious flaws include a critical memory corruption weakness and a vulnerability that could allow an attacker to execute arbitrary code. These vulnerabilities pose a significant threat to Asus routers and the networks they are connected to.

Western Digital, for its part, has blocked devices running unpatched firmware from accessing the cloud. This action was taken due to a severe vulnerability in Western Digital’s MyCloud Home and other cloud storage devices. The vulnerability could lead to remote code execution. Despite its high vulnerability-severity score, the flaw was publicly known for a month before affected devices were blocked, which left users exposed during that period.

Zyxel has also released patches for code-injection vulnerabilities in its network-attached storage devices. The vulnerabilities could allow an unauthenticated user to execute operating system commands. These vulnerabilities highlight the need for prompt action from Zyxel users to patch their devices and prevent potential exploits.

The recent surge in edge device patch warnings signals an increasing risk for SMBs. With the number of active IoT and edge devices predicted to reach 27 billion by 2025, the attack surface for these devices is expanding rapidly. Many SMBs, however, lack the necessary cybersecurity measures to protect against these threats. Edge devices are often a cost-effective solution for SMBs, but their lack of monitoring and centralized management can lead to vulnerabilities that provide easy access for attackers.

Threat actors have also recognized the appeal of targeting edge infrastructure. These devices are always public-facing and often lack monitoring and visibility, which makes them an enticing target. Additionally, edge devices often use open-source components, further increasing their vulnerability to attacks.

To secure the SMB edge, experts recommend starting with a comprehensive inventory of devices using an agentless asset discovery solution. This visibility can help prioritize resources effectively and address patching, credential management, and configuration hardening. An automated approach can streamline firmware and password updates for IoT and edge devices. Organizations should also consider whether devices need to be connected to the internet or if they can be moved to a more secure internal network connection.

Another crucial step is clear ownership and tracking of device lifecycle management. It is essential to regularly review devices with no particular owner or purpose and remove them from the network. For more mature organizations, incorporating software bills of materials (SBOMs) can provide added visibility and help identify potential risks before vendors release patches.
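The inventory review described in the two paragraphs above can be expressed as a short triage script. This is an added example, not code from the article or any vendor: the CSV columns, the scoring weights and every device name, owner and firmware version are constructed placeholders.

```python
import csv
import io
import re

# Constructed sample inventory: names, versions and owners are placeholders,
# not real product data. min_patched = first firmware release with the fix.
INVENTORY_CSV = """name,kind,firmware,min_patched,owner,internet_facing,needs_internet
edge-router-1,router,3.0.0.4,3.0.0.5,netops,yes,yes
nas-backup,nas,5.21.2,5.21.2,,yes,no
cloud-drive,nas,9.4.0,9.4.1,finance,yes,no
lab-camera,camera,1.2.0,1.2.0,facilities,no,no
"""

def parse_version(text):
    """Turn '3.0.0.4' into a comparable tuple of integers, ignoring non-digits."""
    return tuple(int(n) for n in re.findall(r"\d+", text))

def triage(csv_text):
    """Return (score, name, findings) for devices needing action, worst first."""
    results = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        findings, score = [], 0
        exposed = row["internet_facing"].strip().lower() == "yes"
        needed = row["needs_internet"].strip().lower() == "yes"
        if parse_version(row["firmware"]) < parse_version(row["min_patched"]):
            findings.append("firmware below patched release")
            score += 7 if exposed else 4  # reachable and unpatched ranks highest
        if exposed and not needed:
            findings.append("internet-facing without need: move to internal network")
            score += 2
        if not row["owner"].strip():
            findings.append("no owner: assign one or remove the device")
            score += 1
        if findings:
            results.append((score, row["name"], findings))
    return sorted(results, key=lambda r: (-r[0], r[1]))

if __name__ == "__main__":
    for score, name, findings in triage(INVENTORY_CSV):
        print(f"{score:2d}  {name}: " + "; ".join(findings))
```

In practice the inventory would come from the asset discovery tool's export, and min_patched from each vendor's advisory.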

Overall, SMBs must recognize the significant security risks associated with edge devices and take proactive measures to protect their networks. By implementing robust cybersecurity measures and staying vigilant in patching vulnerabilities, SMBs can mitigate the threats posed by these critical security vulnerabilities.
