On April 11th, 2024, we identified multiple buffer overflow vulnerabilities and have promptly addressed them with critical security enhancements. To protect your system, we strongly recommend upgrading the firmware to at least from the listed version.These vulnerabilities are listed below.
Firmware versions including fixes for the vulnerabilities were released around Aug-Oct 2024 (depending on model), but we are publishing this advisory to encourage users to check the firmware version they are running. Please Check to download, and upgrade the firmware per model as soon as possible to ensure the security of your system.
| Model | Firmware Version |
|---|---|
| Vigor165 | 4.2.7 or later |
| Vigor166 | 4.2.7 or later |
| Vigor2620 LTE | 3.9.8.9 or later |
| VigorLTE 200n | 3.9.8.9 or later |
| Vigor2133 | 3.9.9 or later |
| Vigor2135 | 4.4.5.1 or later |
| Vigor2762 | 3.9.9 or later |
| Vigor2765 | 4.4.5.1 or later |
| Vigor2766 | 4.4.5.1 or later |
| Vigor2832 | 3.9.9 or later |
| Vigor2860 / 2860 LTE | 3.9.8 or later |
| Vigor2862 / 2862 LTE | 3.9.9.5 or later |
| Vigor2865 / 2865 LTE / 2865L-5G | 4.4.5.3 or later |
| Vigor2866 / 2866 LTE | 4.4.5.3 or later |
| Vigor2925 / 2925 LTE | 3.9.8 or later |
| Vigor2926 / 2926 LTE | 3.9.9.5 or later |
| Vigor2927 / 2927 LTE / 2927L-5G | 4.4.5.3 or later |
| Vigor2962 | 4.3.2.8 or later 4.4.3.1 or later |
| Vigor3910 | 4.3.2.8 or later 4.4.3.1 or later |
| Vigor3912 | 4.3.6.1 or later |
We sincerely appreciate the Faraday Security Research team for their efforts in security testing and timely reporting the vulnerability, which help enhance our security measures.
If you have any security-related queries, please reach out to us via the contact form to connect with our technical team.