Critics question the continued prevalence of basic, old vulnerabilities in mission-critical cybersecurity products. These include issues like buffer overflows and SQL injections, which predate modern security controls. Network edge devices, historically relied upon for defense, are increasingly becoming security liabilities themselves. In 2024, a significant portion of exploited zero-day vulnerabilities targeted these appliances. This trend has persisted, affecting major vendors like Citrix, Ivanti, and Cisco. Network edge devices are attractive targets due to their remote accessibility and lack of endpoint monitoring. While vulnerabilities in them have been reported for years, attacker interest has surged recently, making them a top initial access vector. The COVID-19 pandemic and declining phishing success contributed to this shift. Many of the exploitable flaws should have been caught by basic code analysis or reviews, and some are embarrassingly trivial. The presence of old, legacy code in these appliances also contributes to their vulnerability.
it.slashdot.org
