Researcher warns of a MacOS vulnerability that Apple refuses to correct
infosec

Researcher warns of a MacOS vulnerability that Apple refuses to correct

According to an Italian security researcher named Filippo Cavallarin, macOS Mojave 10.14.5 and younger are vulnerable to a ...
Read More
infosec

The Pentagon: Educates the cyber-squire for a world war on a deserted island!

The Pentagon: Few have access to Plum Island in which a secret branch of the US government is located and performs exercises ...
Read More
infosec tweaks

New generation malware and ways of protection: What you need to know

Every day we hear about new attacks by hackers on companies, organizations, and even individuals. The worrying is that the scammers ...
Read More
infosec

Google Play Protect protects your device from malware. Turn it on!

Due to the recent vulnerability of WhatsApp that enabled hackers to remotely install spyware on both ...
Read More
infosec

Hackers stole sensitive NederWoon customer information

A home rental company, NederWoon, has been hit by hackers. Hackers managed to get into the company's systems ...
Read More
Latest Posts

Cisco warns of vulnerabilities in 9000 series routers

cisco-warns-for-exploits

Cisco has issued 31 security tips this week, but has focused users' attention on "critical" patches for IOS and IOS XE Software Cluster Management, and IOS for Cisco ASN 9000 Series routers. Some other vulnerabilities also need attention if clients use Cisco wireless LAN controllers.

cisco-warns-for-exploits

The first critical patch concerns the vulnerability of the Cisco Cluster Management (CMP) management code on Cisco IOS and Cisco IOS XE that could allow an unauthorized remote attacker to send distorted CMP settings during a session Telnet with a Cisco device configured to accept such connections. A exploit could allow an attacker to execute arbitrary code and gain full control of the device or cause the device to restart.

According to the company, the cluster management protocol uses Telnet internally as a signaling and command protocol among cluster members. Vulnerability is due to a combination of two factors:

The failure to restrict the use of Telnet CMP options to internal local communications between members of the cluster and to accept such settings through any Telnet connection on a device.

Incorrect processing of distorted Telnet CMP settings.

Cisco reports that the vulnerability can be recognized during validation of the Telnet connection via IPv4 or IPv6. Sending distorted settings to Telnet sessions through the device is not a vulnerability.

The company says there are no solutions to this problem, but disabling Telnet as a permitted protocol for incoming connections would eliminate the exploit factor. Cisco recommends disabling Telnet and replacing it with the SSH protocol. Information on how to do both can be found in the Cisco IOS Device Guide.

The second critical patch concerns a vulnerability in the sysadmin virtual machine (VM) on the Cisco ASR 9000 class routers running Cisco IOS XR 64-bit software. The software could allow a remote attacker to access internal applications running on the sysadmin VM.
The company said the vulnerability is due to a poor isolation of secondary management interface from internal sysadmin applications. An attacker could exploit this vulnerability if they were connected to one of the internal applications. A successful attack could lead to unstable conditions, including both DoS and remote unauthorized access to the device.

Finally, Cisco wrote that many vulnerabilities in the Cisco Wireless LAN Controller (WLC) GUI configuration could allow an authorized remote attacker to force the device to reboot suddenly during device configuration when the administrator is using it the GUI on a device. The attacker should have valid administrator credentials on the device to operate this exploit, Cisco said.

"These vulnerabilities are due to incomplete input validation for inappropriate configuration settings that the attacker can submit when accessing the GUI configuration menus. An attacker could exploit these vulnerabilities by certifying the device and submitting information from users when they used the GUI's functional GUI configuration, "said Cisco, and added," These vulnerabilities have been identified as "high risk" because they could to be exploited when security updates are not installed ".

The company released software updates that address these vulnerabilities and said there are no other solutions to the issue.

Do you have an opinion? Leave your comment.

The author allows you to copy his / her text only if you report the source (SecNews.gr), as an e-mail address (Live URL) of the article.
Updated on by

Reader Interactions

Leave a reply

Your email address is not published. Τα υποχρεωτικά πεδία σημειώνονται με *