More than 60 critical vulnerabilities affect Cisco products

Cisco security teams fixed a severe vulnerability in its smart WiFi solution that would have allowed threat actors to alter the password of any affected user. The flaw was fixed as part of the company’s most recent patch, which addresses a total of 67 security flaws in multiple products.

As already mentioned, the most severe vulnerability lies in Cisco Connected Mobile Experiences (CMX), a software solution used by retailers to provide business information. This software uses Cisco Wireless Infrastructure to collect a wealth of information about users in real time.

La imagen tiene un atributo ALT vacío; su nombre de archivo es ciscobody.jpg

Tracked as CVE-2021-1144, this flaw exists due to incorrect handling of authorization checks to change a password. The flaw received an 8.8/10 score on the Common Vulnerability Scoring System (CVSS) scale. Successful exploit of the vulnerability requires threat actors to have control of an authenticated CMX account, although this account would not require high privileges.

The vulnerability resides in Cisco CMX Versions 10.6.0, 10.6.1 and 10.6.2. Users must upgrade to version 10.6.3 and later.

Security experts highlight the presence of other vulnerabilities in Cisco products, for example CVE-2021-1237, which resides in the Cisco AnyConnect Secure Mobility Client for Windows systems. Its successful exploitation would allow malicious hackers authenticated with local access to perform Dynamic Link Library (DLL) injection attacks.

The Cisco report continues mentioning that 60 of the corrected flaws reside in the web management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W routers. Successful exploitation of these vulnerabilities would allow threat actors to execute arbitrary code so that affected devices restart unexpectedly.

According to experts, threat actors could exploit these flaws by sending specially designed HTTP requests to the affected device: “A successful attack would allow hackers to execute arbitrary code as a root user, resulting in a denial of service (DoS) condition.

The remaining five vulnerabilities (CVE-2021-1146, CVE-2021-1147, CVE-2021-1148, CVE-2021-1149, and CVE-2021-1150) reside on Cisco Small Business RV110W, RV130, RV130W, and RV215W routers. A successful attack would allow authenticated hackers to inject arbitrary commands with high privileges into the compromised system.