- Fukushima Report: Robot Lifts Melted Fuel
- TÜV, Nozomi Ink Partnership Pact
- Pangea Patches Bypass Vulnerability
- Fuji Fixes FRENIC Devices
- ARC: Safety and Profitability Work Together
- Public Needs to Know About Chem Releases: Judge
- Robot Testing Radioactive Fuel at Fukushima
- Siemens Fixes CP1604, CP1616 Holes
- Siemens has Upgrade for Intel AMT
- Siemens Fixes Hole in SIMATIC S7-300 CPU
- Siemens has Licensing Software Fix for SICAM 230
- Siemens Fixes Ethernet Communication Module, Relays
- OSIsoft has Update for PI Vision Hole
- First Responders Test Technology
- Manufacturing Targeted in Hack Attack
- Siemens Fixes SICAM A8000 RTU Series Hole
Chemical Safety Incidents
Cisco Patches DCNM Vulnerabilities
Friday, June 9, 2017 @ 03:06 PM gHale
Cisco patched vulnerabilities in its Prime Data Center Network Manager (DCNM) which had two critical vulnerabilities an attacker could leverage for remote code execution and to access the product’s administrative console.
One of the flaws, CVE-2017-6639, has a lack of authentication and authorization for a debugging tool inadvertently left enabled.
RELATED STORIES
Cisco Releases Huge Zero Day Patch
Cisco Fixes Multiple Vulnerabilities
Cisco Finds Moxa Vulnerabilities
Cisco Fixes Aironet Flaws
A remote, unauthenticated attacker can leverage the vulnerability to access sensitive information or execute arbitrary code with root privileges by connecting to the debugging tool via TCP.
The vulnerability affects Cisco Prime DCNM releases 10.1(1) and 10.1(2) for Windows, Linux and virtual appliances.
The second Prime DCNM hole, CVE-2017-6640, has a default user account protected by a static password. An attacker who can remotely connect to the affected system can use this account to gain privileged access to the server’s administration interface.
The networking giant said this flaw only affects Prime DCNM running software version 10.2(1) for Windows, Linux and virtual appliances.
The DCNM vulnerabilities came to Cisco from Antonius Mulder of Commonwealth Bank of Australia. As of now, there is no evidence that they have undergone exploitation.
The vulnerabilities ended up patched with the release of version 10.2(1). No workarounds are available.
In addition, Cisco also published an advisory for a high severity local privilege escalation vulnerability affecting AnyConnect Secure Mobility Client for Windows versions prior to 4.4.02034.
The vulnerability, reported by Felix Wilhelm of ERNW, allows a local attacker to install and execute a file with SYSTEM privileges.
Leave a Reply
You must be logged in to post a comment.