Hackers target Cisco primarily due to its critical role in global network infrastructure and security. Cisco’s devices are essential for protecting sensitive data and communications, which makes them attractive targets for espionage.
Cybersecurity researchers at Cisco recently discovered a Cisco flaw that enables threat actors to run commands as root users.
A critical security vulnerability, tracked as CVE-2024-20418, was detected recently in the web GUI of Cisco Unified Industrial Wireless Software installed on Ultra-Reliable Wireless Backhaul (URWB) Access Points.
The flaw is caused by a lack of input validation and allows remote unauthorized users to inject commands into the web interface of the attacked device by sending specially prepared HTTP requests.
If the vulnerability is exploited successfully, a threat actor can run any system-level command on the operating system of the host device with root access and take complete control of the device.
This poses a great danger because no authentication is required to take advantage of the vulnerability, which lets the threat actor execute commands remotely over the network.
The vulnerability is present in the internal web management interface of the device, which makes it more threatening because this component is important for device management.
Cisco has fixed this serious vulnerability by releasing new patches. Since no alternatives are found, these security updates are very important for the security of the system.
This vulnerability falls within the critical range of RCE vulnerabilities, which are expected to score high in CVSS because they allow remote access and root-level privilege without authentication.
CVE profile:-
The following products are vulnerable:-
To assess whether a device is vulnerable, the ‘show mpls-config’ CLI command may be useful: if the command exists and works, URWB mode is turned on and the device is vulnerable.
However, if the command is not available on a device, URWB mode is turned off and the device is safe from this particular vulnerability.
Other Cisco products that implement standard MPLS configurations and don’t use the features of URWB will not be exposed to this security threat.
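A triage sketch for the ‘show mpls-config’ check described above, added here as an example and not taken from Cisco's advisory or tooling. The device names, the sample transcripts and the rejection and failure phrases it matches are constructed assumptions; replace them with what your devices actually print.

```python
import re

# Assumption: phrases a CLI prints when it rejects an unknown command.
# Replace with what your platform actually prints.
REJECTED = re.compile(r"invalid input|unknown command|unrecognized command|command not found", re.I)
# Assumption: phrases that mean the capture itself failed (nothing learned about the device).
FAILED = re.compile(r"timed out|connection refused|permission denied|authentication failed", re.I)
# A line that starts with a CLI prompt such as "ap1#" (bare, or followed by the echoed command).
PROMPT = re.compile(r"^\S+[#>](\s|$)")

def classify(transcript: str) -> str:
    """Return 'urwb-enabled', 'urwb-disabled' or 'unknown' for one capture."""
    # Keep only the device's answer: drop blank lines and prompt/echo lines.
    reply = [ln.strip() for ln in transcript.splitlines()]
    reply = [ln for ln in reply if ln and not PROMPT.match(ln)]
    if not reply or any(FAILED.search(ln) for ln in reply):
        return "unknown"        # a failed capture is not evidence that the device is safe
    if any(REJECTED.search(ln) for ln in reply):
        return "urwb-disabled"  # command not available: URWB mode is off
    return "urwb-enabled"       # command exists: URWB mode is on, device needs the fix

def triage(captures: dict) -> dict:
    """Group device names by classification."""
    groups = {"urwb-enabled": [], "urwb-disabled": [], "unknown": []}
    for device, transcript in sorted(captures.items()):
        groups[classify(transcript)].append(device)
    return groups

# Constructed sample captures (not real device output).
SAMPLE = {
    "ap-yard-01": "ap-yard-01# show mpls-config\nexample-setting: value\nap-yard-01#\n",
    "ap-office-02": "ap-office-02# show mpls-config\n% Invalid input detected at '^' marker.\nap-office-02#\n",
    "ap-dock-03": "ssh: connect to host ap-dock-03 port 22: Connection timed out\n",
    "ap-gate-04": "",
}

if __name__ == "__main__":
    for status, devices in triage(SAMPLE).items():
        print(f"{status}: {', '.join(devices) or '-'}")
```

Devices that land in the unknown group should be re-checked rather than counted as safe.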
The vulnerability does not affect the following Cisco products:-
Cisco makes its security software updates available free of charge via standard distribution channels to customers who have a service contract and hold a license.
Customers without such a contract can obtain fixes through Cisco TAC after providing the product serial number and the advisory URL.