
Vulnerabilities in the Cisco ATA 190 Telephone Adapter Enable Remote Code Execution by Attackers.


Cisco recently disclosed a series of vulnerabilities in its ATA 190 Series Analog Telephone Adapter firmware. They could allow remote attackers to perform unauthorized actions, including remote code execution and configuration changes. Here is a breakdown of the vulnerabilities and their impact on users.

The vulnerabilities identified in Cisco’s advisory impact the ATA 190 Series Analog Telephone Adapter firmware on both on-premises and multiplatform devices. The specific vulnerabilities include:

1. Remote Code Execution: Attackers can execute commands as the root user.
2. Cross-site scripting (XSS): Enables attackers to inject malicious scripts.
3. Cross-Site Request Forgery (CSRF): Allows attackers to perform actions on behalf of users.
4. Configuration Changes: Unauthorized users can alter device configurations.
5. Information Disclosure: Attackers can view sensitive information like passwords.

Several CVE entries have been assigned to these vulnerabilities, including CVE-2024-20420, CVE-2024-20421, and CVE-2024-20458. The Common Vulnerability Scoring System (CVSS) scores for these issues range from 5.4 to 8.2, indicating medium to high severity.

The impacted products include the ATA 191 on both on-premises and multiplatform versions, as well as the ATA 192 in the multiplatform version only. Cisco has confirmed that no other products are affected by these vulnerabilities.

Specific details include CVE-2024-20458, an authentication vulnerability that allows unauthenticated remote attackers to view or delete configurations or change the firmware. It has a CVSS score of 8.2, which places it in the high severity range. Additionally, CVE-2024-20420 allows authenticated remote attackers with low privileges to execute commands as an Admin user. CVE-2024-20421 is a CSRF vulnerability that allows attackers to perform arbitrary actions on affected devices.

Cisco has released firmware updates to address these vulnerabilities and users are strongly encouraged to upgrade to secure their devices. For the ATA 191, users should upgrade from version 12.0.1 or earlier to 12.0.2, while ATA 191 and 192 Multiplatform users should upgrade from version 11.2.4 or earlier to 11.2.5. It is important for organizations using Cisco ATA 190 Series devices to prioritize upgrading their firmware to mitigate potential risks associated with these vulnerabilities.
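To apply the upgrade guidance above across a fleet, the following added example (not from Cisco or the original article) triages a device inventory against the fixed releases named here. The CSV layout, host names, and status strings are assumptions, and the sample rows are constructed.

```python
import csv
import io

# Fixed releases as stated in the article, keyed by (model, platform).
FIXED = {
    ("ATA191", "on-premises"): (12, 0, 2),
    ("ATA191", "multiplatform"): (11, 2, 5),
    ("ATA192", "multiplatform"): (11, 2, 5),
}

def parse_version(text):
    """Turn '11.2.4' into (11, 2, 4) so 11.2.10 sorts after 11.2.5."""
    parts = text.strip().split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised version: {text!r}")
    return tuple(int(p) for p in parts)

def triage(inventory_csv):
    """Map each host to 'upgrade to X', 'ok', 'check manually' or 'not listed'."""
    results = {}
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        key = (row["model"].upper().replace(" ", ""), row["platform"].lower())
        fixed = FIXED.get(key)
        if fixed is None:
            results[row["host"]] = "not listed"  # not named in the article
            continue
        try:
            current = parse_version(row["version"])
        except ValueError:
            # Unknown firmware string: do not assume the device is patched.
            results[row["host"]] = "check manually"
            continue
        if current < fixed:
            results[row["host"]] = "upgrade to " + ".".join(map(str, fixed))
        else:
            results[row["host"]] = "ok"
    return results

# Constructed sample inventory (hypothetical hosts and column names).
SAMPLE = """host,model,platform,version
ata-lobby,ATA 191,on-premises,12.0.1
ata-fax,ATA191,multiplatform,11.2.5
ata-lab,ATA 192,Multiplatform,11.2.4
ata-old,ATA 191,on-premises,unknown
sw-core,C9300,on-premises,17.9.4
"""

if __name__ == "__main__":
    for host, status in triage(SAMPLE).items():
        print(f"{host}: {status}")
```

Versions are compared as integer tuples rather than strings, and unparseable firmware strings are flagged for manual review instead of being treated as patched.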

These vulnerabilities serve as a reminder of the importance of regular software updates and maintaining vigilance in cybersecurity practices. Organizations should take proactive measures to ensure the security of their devices and networks against potential threats.
