"genugate Firewall: Well Protected Against Attacks. Your level of IT security is determined largely at the interface between the Internet and the local network. The attacks from the outside and the data sent from the inside pass through this point.
The High Resistance Firewall genugate satisfies the highest requirements: two different firewall systems – an application level gateway and a packet filter, each on separate hardware – are combined to form a compact solution. genugate is approved for classification levels German and NATO RESTRICTED and RESTREINT UE/EU RESTRICTED. genugate is certified according to CC EAL 4+"
The vendor provides a patched version for the affected products which should be installed immediately.
Customers should also adhere to security best practices such as network segmentation and limiting access to the admin panel. This is also a requirement for certified and approved environments.
1) Authentication bypass vulnerability (CVE-2021-27215)
The Admin Web interface, the Sidechannel Web and Userweb interface can use different methods to perform the authentication of a user. A specific authentication method during login does not check the provided data and returns OK for any authentication request. This allows an attacker to login to the admin panel with a user of his choice, e.g the root user with highest privileges or even a non-existing user.
An attacker needs to have network access to the admin interface. Certified and approved environments mandate that the admin interface is only reachable through a strictly separated network. Nevertheless, it is a highly critical security vulnerability and must be patched immediately.