Claroty finds critical FileWave vulnerabilities
IoT device security company Claroty has uncovered two critical vulnerabilities in unpatched versions of FileWave’s Mobile Device Management (MDM) system that could potentially allow attackers to gain full control of any device managed by the platform.
Claroty research arm Team82 said the two vulnerabilities are remotely exploitable and enable an attacker to bypass authentication mechanisms and gain full control over the MDM platform and its managed devices.
According to the research, an attacker able to compromise the platform would be in a position to exfiltrate sensitive data such as a device’s serial number, the user’s email address and full name, address, geolocation coordinates, IP address and device PIN codes from devices on the compromised MDM.
One vulnerability involves exploiting a critical flaw in the authentication process of older versions of the FileWave MDM product suite that allowed researchers to bypass authentication requirements on the platform and obtain super user status.
Exploiting the vulnerability allowed the researchers to take full control over any internet-connected MDM instance, with the company identifying more than 1100 such instances during a sweep for the research.
Team82 noted that there have been a number of attacks on endpoint management products in recent years, including the high-profile compromise of the Kaseya VSA by the REvil ransomware group in July 2021. The attack caused more than 1000 companies to experience significant downtime.
According to Team82, FileWave worked closely with the team to address the vulnerabilities and notify users. The company addressed the issues in the v14.7.2 update to the platform.
BeyondTrust launches beta solution for taming AI agents
BeyondTrust's in-beta AI Agent Security is designed to prevent AI coworkers and autonomous...
DigiCert launches Quantum Central tool
DigiCert's recently launched Quantum Central solution can help security and IT teams prepare...
Guest accounts a major threat to IT environments: report
Kaseya's 2026 SaaS Security Report found that SMBs are leaving themselves exposed to attack...
