Cisco has released a patch that addresses three critical security bugs in the IOS XE Internetworking Operating System. This could allow an attacker to execute arbitrary code remotely, causing a denial of service (DoS) condition on a vulnerable device.
The most serious of these issues is CVE-2021-34770, a Remote Code Execution (RCE) with a CVSS score of 10.0.
According to Cisco, this vulnerability is a “logical error” that occurs while processing a wireless access point control and provisioning (CAPWAP) protocol.
The CAPWAP protocol allows the central wireless controller to handle the processing of IOSXE software for Catalyst 9000 family wireless controllers.
According to Cisco, this bug could allow an attacker to execute arbitrary code with root privileges after sending a specially crafted packet.
If the attack is successful, the target device will crash and reload, resulting in a DoS condition.
This flaw affects the Catalyst 9800 and 9800-CL wireless controllers. Catalyst 9300, 9400, and 9500 series switches. A wireless controller built into the catalytic access point.
The second critical vulnerability that Cisco addresses is a buffer overflow in IOS XE SD-WAN. This could allow an unauthenticated remote attacker to execute arbitrary commands with root privileges or reload the device, causing a DoS condition.
Indexed as CVE-2021-34727, this bug occurs due to inadequate boundary checking when the affected device handles traffic.
An attacker could exploit this bug by sending a specially crafted traffic to the device.
Products affected by this bug include the Cloud Services Routers 1000V Series, Integrated Services Routers (ISR) 1000 and 4000 Series, and Aggregation Service Routers (ASR) 1000 Series.
Finally, Cisco has patched CVE-2021-1619. This is a bug caused by uninitialized variables in the authentication, authorization, and accounting (AAA) features of Cisco IOS XE Software.
If the attack is successful, the authenticated remote actor “installs, manipulates, deletes the network device’s configuration, destroys the device’s memory,” and goes into a DoS state.
Cisco states that there are no reports of these three bugs being actually exploited.
These fixes were released as part of Cisco’s September 2021 Security Advisory Bundle for IOS and IOS XE Software.
This month, Cisco fixed 27 vulnerabilities, including 13 high-severity and 11 medium-severity bugs.
Earlier this month, the company urged users to patch critical vulnerabilities in virtualized network devices after the proof-of-concept (PoC) exploit code was released.
Indexed as CVE-2021-34746, this vulnerability affected the TACACS + authentication, authorization, and accounting capabilities of Cisco Enterprise NFV infrastructure software.
And in June, it was reported that cybercriminals were exploiting a security flaw (CVE-2020-3580) in a Cisco Adaptive Security Appliance (ASA) device in an active attack after the release of the PoC exploit code.
Cisco first revealed the details of the cross-site scripting (XSS) bug in October 2020 and published a fix for it. Due to the incompleteness of the first patch, the vendor released an additional patch for the bug in April 2021.
In its recommendation, Cisco said it would release patches to address multiple XSS bugs in the ASA and Firepower Threat Defense (FTD) software web services.
Organizations have been asked to patch their devices against CVE-2020-3580 to protect sensitive data from threat attackers.
Cybersecurity company Rapid7 warned last year that as of July 2020, there were more than 85,000 ASA / FTD devices accessible to the Internet. Of these devices, 398 were distributed to 17% of Fortune 500 companies.
Cisco has fixed three critical bugs in IOS XE software
Source link Cisco has fixed three critical bugs in IOS XE software