home network are assure against outside tone-beginning , home meshing are segmented , and simple machine - to - motorcar communication are protect with Genua Genugate . The ship’s company allege that its Genugate firewall is the solely one in the planetary to be give way a “ highly repellent ” rate by the German politics , and that it comply with NATO ’s “ NATO Restricted ” and the European Union ’s “ RESTREINT UE / EU RESTRICTED ” data security standard . important fabrication , governance , war machine , and early full of life infrastructure organization , harmonise to the marketer , have secondhand its goodness . yet , this does not dominion out the possibility that Genua ’s firewall are vulnerable to knockout blemish . The Genugate firewall ’s presidency port are vulnerable to a crucial certification bypass vulnerability ( CVE-2021 - 27215 ) , concord to SEC Consult . An intruder with web admittance to an establishment port can payoff reward of the tease to lumber in to the device ’s admin control panel as any substance abuser , include the base substance abuser , disregardless of their watchword . “ An intruder will obtain total admin / beginning admission rightfield inside the admin World Wide Web interface , leave them to reconfigure the intact firewall , admit firewall rulesets , e-mail filter constellation , World Wide Web diligence firewall context , proxy mise en scene , and and then along , ” accord to SEC Consult . “ assailant may , for instance , spay the form to win approach to net that are other than unprocurable or reroute caller traffic to an aggressor - hold placeholder host . ” “ certified and licence environment mandate that the admin user interface is simply reachable via a rigorously segregate web , ” SEC Consult excuse in its consultative . yet , it is a critical security department fault that must be limit now . ” Armin Stock of Atos Germany — the IT overhaul whale Atos acquire SEC Consult endure class — find out the mistake . In former January 2021 , the resultant were render to the marketer , and a plot of land was eject only when a few daylight later . The germ come along to be face in all interlingual rendition of the firewall . SEC Consult has loose an advisory excuse the vulnerability , but no test copy - of - construct ( PoC ) code has been pass water usable . A television illustrate how an onset workplace has besides been liberate by the caller .