A recent report by NCC Group found that many security appliances such as email gateways, firewalls, web content filters, terminal services, unified threat management (UTM) systems and other appliances were filled with vulnerabilities.

The report highlighted products from Sophos, Citrix, Pfsense, Symantec and Trend Micro showing that many had vulnerabilities such as:

• Cross-Site Scripting (XSS)
• SSH or WebUI susceptible to brute-force attacks
• Unpatched operating systems
• Privilege Escalation
• Command-Injection via the WebUI

Many users may feel that because these are security appliances that they must be inherently secure, but the report clearly shows that this is not the case.

Security appliances are not just a cause of concern, many other services now come in an appliance form-factor. Services such as IP Telephony PBXs, environmental management and network management come as appliances that you just drop and configure within your network. Also consider the many network devices that have mini operating systems within them such as environmental monitors, network printers or security systems. All of these are applications that need to be managed and secured.

While the risk that those vulnerabilities may be exploited by outside attackers may be small, simply because an appliance or device is not directly connected to the Internet does not mean that it is not at risk and that you should not make all attempts to secure it. Attacks can originate from the inside of the network, or in the case where a user PC may be compromised, allow a way for the attacker to gain even more control of your network.

To reduce the risks of these appliances and devices consider implementing the following:

• Change the non-default usernames and passwords on all appliances and devices. Use a strong password.
• Avoid exposing the management interfaces of these appliances and devices to the internet or other unprotected networks.
• Consider placing the management interfaces in a protected network behind a firewall within your internal network.
• Keep the operating systems and firmware of the appliances and devices updated.
• Ensure that logging is enabled on all the devices, and if possible, set up alerts to be sent for any login attempt.
• Disable unnecessary or insecure services on appliances such as telnet, http and ftp. Use encrypted protocols such as SSH, SFTP and HTTPS.

Here’s to a more secure future.

Original article: or you may find yourself becoming a victim of irony'">Ensure that you secure those security appliances or you may find yourself becoming a victim of irony

©2025 Interxect Services Limited. All Rights Reserved.