Cisco Clears Router, Firewall Issues

Thursday, February 28, 2019 @ 05:02 PM gHale

Cisco released fixes to handle critical and high level vulnerabilities where a remote attacker could exploit one issue to take control of an affected system, according to a report with the Cybersecurity and Infrastructure Security Agency (CISA).

In one fix, Cisco released an update to handle a vulnerability labeled critical in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router which could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device.

RELATED STORIES
Cisco Issues Security Update
Cisco Clears Vulnerabilities
Cisco Clears Security Appliance Holes
SQL Injection Flaw Fixed in Cisco’s PLM

The vulnerability, which has a CVSS score of 9.8, is due to improper validation of user-supplied data in the web-based management interface. An attacker could exploit this vulnerability by sending malicious HTTP requests to a targeted device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system of the affected device as a high-privilege user, according to the Cisco advisory.

Cisco released updates that address the vulnerability, but there are no workarounds.

In addition, Cisco fixed a vulnerability it labeled high in the update service of Cisco Webex Meetings Desktop App and Cisco Webex Productivity Tools for Windows could allow an authenticated, local attacker to execute arbitrary commands as a privileged user.

The vulnerability, which has a CVSS score of 7.8, is due to insufficient validation of user-supplied parameters. An attacker could exploit this vulnerability by invoking the update service command with a crafted argument. An exploit could allow the attacker to run arbitrary commands with SYSTEM user privileges, according to Cisco’s advisory.

While the CVSS Attack Vector metric denotes the requirement for an attacker to have local access, administrators should be aware in Active Directory deployments, the vulnerability could end up exploited remotely by leveraging the operating system remote management tools.

This vulnerability affects all Cisco Webex Meetings Desktop App releases prior to 33.6.6, and Cisco Webex Productivity Tools Releases 32.6.0 and later prior to 33.0.7, when running on a Microsoft Windows end-user system.

Cisco released updates that address the vulnerability, but there are no workarounds.



Leave a Reply

You must be logged in to post a comment.