Cisco fixes critical pre-auth flaws allowing router takeover

Posted by & filed under Ειδοποιήσεις.

Cisco today has released security updates to address critical remote code execution (RCE), authentication bypass, and static default credential vulnerabilities affecting multiple router and firewall devices that could lead to full device takeover.

Cisco also issued a security update to patch a privilege escalation vulnerability in the Cisco Prime License Manager software.

According to the company, there are no workarounds that could be applied to address these vulnerabilities.

The five security flaws patched today received 9.8 CVSS base score qualitative severity ratings from Cisco which makes them all critical vulnerabilities.

Remotely exploitable by unauthenticated attackers

They can also be remotely exploited by unauthenticated attackers as part of low complexity attacks that don’t require user interaction.

A full list of all critical security issues addressed by Cisco today is available in the table embedded below, together with links to their respective security advisories.

Vulnerability CVE-ID
Cisco Small Business RV110W Wireless-N VPN Firewall Static Default Credential Vulnerability CVE-2020-3330
Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Management Interface Remote Command Execution Vulnerability CVE-2020-3323
Cisco RV110W, RV130, RV130W, and RV215W Routers Authentication Bypass Vulnerability CVE-2020-3144
Cisco RV110W and RV215W Series Routers Arbitrary Code Execution Vulnerability CVE-2020-3331
Cisco Prime License Manager Privilege Escalation Vulnerability CVE-2020-3140

“The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory,” the company says in all five advisories.

The vulnerabilities were reported to Cisco by the following external security researchers: Larryxi of XDSEC, Gyengtak Kim, Jeongun Baek, and Sanghyuk Lee of GeekPwn, Quentin Kaiser, and Adam Engle of AdventHealth.

Cisco today also addressed 22 high and medium severity security vulnerabilities affecting multiple router models and Cisco SD-WAN Solution Software versions among others.

 

The information contained in this website is for general information purposes only. The information is gathered from Bleeping Computer, while we endeavour to keep the information up to date and correct, we make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the website or the information, products, services, or related graphics contained on the website for any purpose. Any reliance you place on such information is therefore strictly at your own risk.  Through this website, you are able to link to other websites which are not under the control of CSIRT-CY. We have no control over the nature, content and availability of those sites. The inclusion of any links does not necessarily imply a recommendation or endorse the views expressed within them. Every effort is made to keep the website up and running smoothly. However, CSIRT-CY takes no responsibility for, and will not be liable for, the website being temporarily unavailable due to technical issues beyond our control.