Cisco security teams fixed a severe vulnerability in its smart WiFi solution that would have allowed threat actors to alter the password of any affected user. The flaw was fixed as part of the company’s most recent patch, which addresses a total of 67 security flaws in multiple products.
As already mentioned, the most severe vulnerability lies in Cisco Connected Mobile Experiences (CMX), a software solution used by retailers to provide business information. This software uses Cisco Wireless Infrastructure to collect a wealth of information about users in real time.
Tracked as CVE-2021-1144, this flaw exists due to incorrect handling of authorization checks to change a password. The flaw received an 8.8/10 score on the Common Vulnerability Scoring System (CVSS) scale. Successful exploit of the vulnerability requires threat actors to have control of an authenticated CMX account, although this account would not require high privileges.
The vulnerability resides in Cisco CMX Versions 10.6.0, 10.6.1 and 10.6.2. Users must upgrade to version 10.6.3 and later.
Security experts highlight the presence of other vulnerabilities in Cisco products, for example CVE-2021-1237, which resides in the Cisco AnyConnect Secure Mobility Client for Windows systems. Its successful exploitation would allow malicious hackers authenticated with local access to perform Dynamic Link Library (DLL) injection attacks.
The Cisco report continues mentioning that 60 of the corrected flaws reside in the web management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W routers. Successful exploitation of these vulnerabilities would allow threat actors to execute arbitrary code so that affected devices restart unexpectedly.
According to experts, threat actors could exploit these flaws by sending specially designed HTTP requests to the affected device: “A successful attack would allow hackers to execute arbitrary code as a root user, resulting in a denial of service (DoS) condition.
The remaining five vulnerabilities (CVE-2021-1146, CVE-2021-1147, CVE-2021-1148, CVE-2021-1149, and CVE-2021-1150) reside on Cisco Small Business RV110W, RV130, RV130W, and RV215W routers. A successful attack would allow authenticated hackers to inject arbitrary commands with high privileges into the compromised system.
He is a well-known expert in mobile security and malware analysis. He studied Computer Science at NYU and started working as a cyber security analyst in 2003. He is actively working as an anti-malware expert. He also worked for security companies like Kaspersky Lab. His everyday job includes researching about new malware and cyber security incidents. Also he has deep level of knowledge in mobile security and mobile vulnerabilities.