
Cisco has fixes ready to go for two critical and five high vulnerabilities where an attacker could exploit them and take control of an affected system.

The two vulnerabilities rated critical are the Small Business 220 Series Smart Switches Remote Code Execution (RCE) Vulnerabilities (cisco-sa-20190806-sb220-rce) and the Small Business 220 Series Smart Switches Authentication Bypass Vulnerability (cisco-sa-20190806-sb220-auth_bypass).

In the 220 Series Smart Switches RCE advisory, multiple vulnerabilities in the web management interface of Cisco Small Business 220 Series Smart Switches could allow an unauthenticated, remote attacker to overflow a buffer and then execute arbitrary code with root privileges on the underlying operating system.

The vulnerabilities are due to insufficient validation of user-supplied input and improper boundary checks when reading data into an internal buffer. An attacker could exploit these vulnerabilities by sending malicious requests to the web management interface of an affected device. Depending on the configuration of the affected switch, the malicious requests must be sent via HTTP or HTTPS.


These vulnerabilities affect Cisco Small Business 220 Series Smart Switches running firmware versions prior to 1.1.4.4 with the web management interface enabled. The web management interface is enabled via both HTTP and HTTPS by default.
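As an added example (not Cisco's code or part of the advisory), the check below flags switches in an inventory that still match the affected condition stated above: firmware older than 1.1.4.4 with web management reachable over HTTP or HTTPS. The inventory format, hostnames and sample version strings are constructed assumptions for illustration; versions are compared numerically per component, since plain string comparison would wrongly treat a version such as 1.1.4.10 as older than 1.1.4.4.

```python
"""Triage helper for the Cisco Small Business 220 Series advisories.

Added example, not Cisco's code. Assumes an inventory export with the fields
shown in the constructed sample below. The threshold (firmware prior to
1.1.4.4, web management enabled over HTTP or HTTPS) comes from the advisory.
"""
from typing import List, Tuple

FIXED_VERSION = "1.1.4.4"  # first fixed firmware release per the advisory


def parse_version(version: str) -> Tuple[int, ...]:
    """Convert a dotted firmware string into a tuple of ints so that
    1.1.4.10 compares greater than 1.1.4.4 (string comparison gets this wrong)."""
    return tuple(int(part) for part in version.strip().split("."))


def is_affected(firmware: str, http_enabled: bool, https_enabled: bool) -> bool:
    """Affected = firmware older than the fixed release AND the web management
    interface reachable over at least one of HTTP / HTTPS."""
    older = parse_version(firmware) < parse_version(FIXED_VERSION)
    return older and (http_enabled or https_enabled)


def triage(inventory: List[dict]) -> List[str]:
    """Return hostnames of switches that still need the firmware update
    (or the web management interface disabled)."""
    return [
        dev["host"]
        for dev in inventory
        if is_affected(dev["firmware"], dev["http"], dev["https"])
    ]


# Constructed sample inventory: hostnames and version strings are made up.
SAMPLE_INVENTORY = [
    {"host": "sw-lab-1", "firmware": "1.1.3.1", "http": True, "https": True},
    {"host": "sw-lab-2", "firmware": "1.1.4.4", "http": True, "https": True},
    {"host": "sw-lab-3", "firmware": "1.1.4.10", "http": True, "https": False},
    {"host": "sw-lab-4", "firmware": "1.1.3.1", "http": False, "https": False},
]

if __name__ == "__main__":
    for host in triage(SAMPLE_INVENTORY):
        print(f"{host}: update to {FIXED_VERSION} or later, or disable web management")
```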

In the 220 Series Smart Switches authentication bypass vulnerability, a vulnerability in the web management interface of Cisco Small Business 220 Series Smart Switches could allow an unauthenticated, remote attacker to upload arbitrary files.

The vulnerability is due to incomplete authorization checks in the web management interface. An attacker could exploit this vulnerability by sending a malicious request to certain parts of the web management interface. Depending on the configuration of the affected switch, the malicious request must be sent via HTTP or HTTPS. A successful exploit could allow the attacker to modify the configuration of an affected device or to inject a reverse shell.

Cisco released software updates that address this vulnerability.

The other vulnerabilities rated high include:
• Webex Network Recording Player and Webex Player Arbitrary Code Execution Vulnerabilities
• Enterprise NFV Infrastructure Software VNC Authentication Bypass Vulnerability
• IOS XR Software Intermediate System-to-Intermediate System Denial of Service Vulnerability
• IOS XR Software Intermediate System-to-Intermediate System Denial of Service Vulnerability
• Adaptive Security Appliance Software Web-Based Management Interface Privilege Escalation Vulnerability
