HomeCyber Balkans"Fixes for Serious Remote Code Execution Vulnerabilities in Cisco Small Business Switches"

“Fixes for Serious Remote Code Execution Vulnerabilities in Cisco Small Business Switches”

Published on

spot_img

Several vulnerabilities were found in Cisco’s small business switches that could allow an attacker to take remote control of the devices, according to the company. Cisco has fixed all these flaws, which are located in the web-based management interface of the devices. Hackers can exploit these issues without the need for authentication, as they have been detected in functionality where authentication is not mandatory. Cisco gave no specific details but recommended customers update to the latest firmware versions to prevent possible attacks, urging them to do so as soon as possible.

The flaws that have been identified are categorised as buffer overflows, which can be manipulated to execute arbitrary code with root permissions. This means that, when these four buffer overflow flaws (tracked as CVE-2023-20159, CVE-2023-20160, CVE-2023-20161, and CVE-2023-20189) are exploited, it generally results in a complete compromise of the device. These four flaws received a 9.8 out of 10 severity rating on the CVSS scale.

Another four flaws caused by buffer overflow conditions can lead to denial-of-service against vulnerable devices while processing maliciously crafted requests. These four flaws (CVE-2023-20156, CVE-2023-20024, CVE-2023-20157, and CVE-2023-20158), which are rated at an 8.6 severity level, can be fixed by patching and updating to the correct firmware.

The final vulnerability discovered is a configuration reading error that enables hackers to read unauthorized information from affected devices without authentication. This flaw, tracked as CVE-2023-20162, is rated with a 7.5 severity level (High) and can also be updated by the implementation of the latest firmware.

To exploit these vulnerabilities, attackers must have access to the web management interface, which can be accomplished directly when the management interface is exposed to the internet, or indirectly by gaining a foothold on an internal network that uses a vulnerable switch.

It’s worth noting that the vulnerabilities affect versions 2.5.9.15 and earlier of the Cisco firmware for 250 Series Smart Switches, 350 Series Managed Switches, 350X Series Stackable Managed Switches, and 550X Series Stackable Managed Switches, as well as firmware version 3.3.0.15 and earlier for Business 250 Series Smart Switches and Business 350 Series Managed Switches. Cisco released fixed firmware versions 2.5.9.16 and 3.3.0.16, respectively, for the firmware issues, while the Small Business 200 Series Smart Switches, Small Business 300 Series Managed Switches, and Small Business 500 Series Stackable Managed Switches will not receive firmware upgrades since they are nearing end-of-life.

Not all affected firmware versions are impacted by all vulnerabilities, which suggests some flaws might be version-specific. Nevertheless, customers should upgrade to the latest firmware version as soon as possible as there are no known workarounds and attackers have previously taken an interest in Cisco devices before, posing a threat to users.

Source link

Latest articles

Chaya_006 Alert: OT Edge Devices Vulnerable to Threats

The Chaya_006 Edge Campaign: Threats Emerge in Operational Technology Forescout Technologies’ Vedere Labs has recently...

Anthropic’s Fable 5 and Mythos 5 Return with Enhanced Security Guardrails

Anthropic Revives Claude Mythos 5 and Claude Fable 5 with Enhanced Security Measures Anthropic has...

Live Webinar: Smarter Cyber Defense for Government and Higher Education

Dr. Tina Carkhuff: A Leader in Data-Driven Public Service Industry Advisor,...

RedLine Infostealer Thread Uncovers Covert Maritime Phishing and BEC Infrastructure

Investigation Reveals Targeted Spear-Phishing and BEC Campaign in Maritime Sector A routine alert from a...

More like this

Chaya_006 Alert: OT Edge Devices Vulnerable to Threats

The Chaya_006 Edge Campaign: Threats Emerge in Operational Technology Forescout Technologies’ Vedere Labs has recently...

Anthropic’s Fable 5 and Mythos 5 Return with Enhanced Security Guardrails

Anthropic Revives Claude Mythos 5 and Claude Fable 5 with Enhanced Security Measures Anthropic has...

Live Webinar: Smarter Cyber Defense for Government and Higher Education

Dr. Tina Carkhuff: A Leader in Data-Driven Public Service Industry Advisor,...