YOU ARE AT:DevicesSoftware bugs leave Cisco devices vulnerable to exploitation

Software bugs leave Cisco devices vulnerable to exploitation

Cisco issues patches to address software vulnerabilities

Cisco recently released patches for 34 vulnerabilities, including three critical remote code execution flaws, with the majority impacting its IOS and IOS XE networking software.

The security firm Embedi first discovered one of the more serious software flaws, dubbed CVE-2018-0171. The company originally thought the bug could only be exploited within the network, but later discovered millions of affected devices exposed on the web.

“During a short scan of the Internet, we detected 250,000 vulnerable devices and 8.5 million devices that have a vulnerable port open,” said the security firm.

The glitch impacts Smart Install, a Cisco client for deploying new switches for Cisco IOS and IOS XE Software. “Because in a securely configured network, Smart Install technology participants should not be accessible through the internet. But scanning the internet has shown that this is not true,” said Embedi.

Cisco noted a remote unauthenticated attacker could exploit the flaw, reload the affected device and cause a denial-of-service (DoS) or execute arbitrary code. The company has since released patches for the vulnerability.

Cisco discovered another bug in its IOS XE software, called CVE-2018-0150. According to the company, an attacker could exploit the vulnerability by using this account to remotely connect to an affected device. It said the glitch impacts devices running a vulnerable release of its IOS XE Software Release 16.x, but not IOS XE Software releases prior to Release 16.x. Software updates and workarounds for CVE-2018-0150 have since been released.

“To address this vulnerability, administrators may remove the default account by using the ‘no username cisco’ command in the device configuration. Administrators may also address this vulnerability by logging in to the device and changing the password for this account,” Cisco said.

Moreover, the company’s engineers discovered a third bug, CVE-2018-0151. It is another remote code execution vulnerability and affects the QoS subsystem of IOS and IOS XE. “The vulnerability is due to incorrect bounds checking of certain values in packets that are destined for UDP port 18999 of an affected device. An attacker could exploit this vulnerability by sending malicious packets to an affected device,” said the company.

The vulnerabilities disclosed by Cisco were part of its semiannual IOS and IOS XE software security advisory bundled publication. It includes 20 Cisco security advisories that describe 22 vulnerabilities in the IOS and IOS XE software. The three noted glitches received a severity score of 9.8 out of 10 on the CVSS scale, with the remaining 19 being rated as high.

ABOUT AUTHOR

Nathan Cranford
Nathan Cranford
Nathan Cranford joined RCR Wireless News as a Technology Writer in 2017. Prior to his current position, he served as a content producer for GateHouse Media, and as a freelance science and tech reporter. His work has been published by a myriad of news outlets, including COEUS Magazine, dailyRx News, The Oklahoma Daily, Texas Writers Journal and VETTA Magazine. Nathan earned a bachelor’s from the University of Oklahoma in 2013. He lives in Austin, Texas.