The vulnerability allows attackers to penetrate the heart of industrial infrastructure.
Cisco has fixed a critical high-severity vulnerability (10 out of 10 CVSS) that could allow attackers to execute commands with root privileges on vulnerable Ultra-Reliable Wireless Backhaul (URWB) access points used for industrial automation networks.
The vulnerability, identified as CVE-2024-20418, was discovered in the Cisco Unified Industrial Wireless Software Management Web Interface. Unauthorized attackers could exploit it using the Command Injection method, which requires minimal training and does not require user interaction.
Cisco explains that the problem is caused by incorrect input validation in the web interface. To attack, it was enough to send specially crafted HTTP requests to the affected system, which allowed the attacker to execute arbitrary commands with root privileges on the device's operating system.
The vulnerability affects the Cisco Catalyst IW9165D Heavy Duty Access Points, Catalyst IW9165E Rugged Access Points and Wireless Clients, and Catalyst IW9167E Heavy Duty Access Points models, but only when URWB mode is enabled and an affected software version is running.
Experts from the Cisco PSIRT team report that there is no evidence of exploits for this vulnerability in the public domain, nor of its use in real attacks.
Administrators can determine whether URWB mode is activated by using the "show mpls-config" command on the CLI interface. If the command is not available, URWB mode is disabled and the vulnerability does not threaten the device.
Cisco previously fixed a denial-of-service vulnerability in Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software that was actively exploited in attacks on VPN devices.
In June, the company also released a security update that fixed another command injection vulnerability that allowed attackers to escalate privileges to root.
In July, speaking at the RSA conference, Jen Easterly, head of the US Cybersecurity and Infrastructure Security Agency (CISA), called on developers to thoroughly check the code for possible vulnerabilities at the development stage. Reliable code, in her opinion, is the only way to eradicate cyberattacks.
Source