UCF InfoSec wants to make the UCF community aware of recently disclosed vulnerabilities impacting certain Netgear products. With so much work being conducted from home, it’s more important than ever to take steps to protect your home network.
What is the issue?
Multiple vulnerabilities have been discovered specifically in Netgear products. The most severe of these vulnerabilities could allow a successful attacker access to the system. This could lead to disclosure of your personal information. If you are working from home, it may also result in a breach of university data.
Netgear provides a full list of vulnerabilities, affected devices, and security updates on their site: https://www.netgear.com/about/security/ .
What should I do?
Reference the Netgear site linked above to determine if your device is affected. If so, please consider applying any patches provided by Netgear. Please note that you are accepting the responsibility in the event your wireless router encounters problems during the patching process. This advisory is provided as a courtesy to the UCF community, and UCF InfoSec strongly recommends you follow your device manufacturer’s instructions for patching your device.
Additionally, regardless of the brand of wireless router you are using, you should take the following steps to secure it. Refer to your device’s manual for specific instructions. Even if you are not using a Netgear wireless router, please be sure the one you are using is kept up-to-date and secure at all times.
- Ensure your router is running the latest software as provided by the manufacturer;
- Turn off Remote Management on your wireless router or web interface;
- Consider replacing your router if it is no longer receiving security updates from the manufacturer;
- Protect your wireless network with WPA2 and with a strong password.
Remember that using a VPN is not enough to guard against security vulnerabilities in the router itself. You should always use the UCF VPN when accessing UCF systems remotely, but you should also make sure your wireless router is secure and up to date.
For more information, please visit https://www.us-cert.gov/ncas/current-activity/2020/06/29/netgear-router-vulnerabilities .
If you have any questions, please contact the Information Security Office at infosec@ucf.edu. Thank you for remaining vigilant and taking steps to keep your home network secure.
Thank you,
UCF Information Security Office
infosec@ucf.edu
https://infosec.ucf.edu