Cisco Patches Security, Wireless Appliances

Friday, November 6, 2015 @ 05:11 PM gHale

Cisco fixed critical and high severity vulnerabilities affecting some of the company’s security and wireless appliances.

The most serious of the flaws disclosed is a command injection vulnerability affecting the certificate generation process in the administration web interface of the Cisco Web Security Appliance (WSA).

Yokogawa, Cisco Collaborate
Cost Effective Cisco IOS Rootkits Possible
Patched Cisco Web VPNs Hit by Attack
Cisco Tool to Detect Router Attacks

The vulnerability, caused by improper parameter validation, can end up leveraged by a remote attacker to execute arbitrary commands with root privileges.

The Cisco Web Security Appliance also suffers from a high severity denial-of-service (DoS) vulnerabilities that could end up exploited to cause the device to run out of system memory.

One of these security bugs affects the file-range request functionality of Cisco AsyncOS, while the other impacts the AsyncOS proxy cache functionality.

Vulnerabilities in AsyncOS components also affect the Cisco Email Security Appliance (ESA). One of these issues, a DoS flaw, can end up used by an attacker to cause the device to stop accepting new TCP connections. The second issue, first disclosed in June, can end up used by a remote, unauthenticated attacker to bypass the appliance’s anti-spam functionality.

Cisco also announced patching high severity vulnerabilities in the Mobility Services Engine, a platform designed to help organizations increase visibility into their network, strengthen security, and deploy location-based mobile services via Wi-Fi.

Security researcher Jeremy Brown discovered the platform has a user account protected by a default and static password. An unauthenticated attacker can use it to remotely log in to the Mobility Services Engine. However, Cisco pointed out the account in question doesn’t have full admin privileges.

Brown also found a privilege escalation vulnerability in the Mobility Services Engine. The flaw can end up exploited by a local, authenticated attacker to escalate their privileges to root.