Cisco Issues Critical Security Patches to Fix Small Business VPN Router Bugs


Networking equipment major Cisco has rolled out patches to address critical vulnerabilities impacting its Small Business VPN routers that could be abused by a remote attacker to execute arbitrary code and even cause a denial-of-service (DoS) condition.

 

The issues, tracked as CVE-2021-1609 (CVSS score: 9.8) and CVE-2021-1610 (CVSS score: 7.2), reside in the web-based management interface of the Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers running a firmware release prior to version 1.0.03.22. Both issues stem from a lack of proper validation of HTTP requests, which permits a bad actor to send a specially crafted HTTP request to a vulnerable device.

 

Successful exploitation of CVE-2021-1609 could allow an unauthenticated, remote attacker to execute arbitrary code on the device or cause the device to reload, resulting in a DoS condition. CVE-2021-1610 concerns a command injection vulnerability that, if exploited, could permit an authenticated adversary to remotely execute arbitrary commands with root privileges on an affected device.

 

Also addressed by Cisco is a high-severity remote code execution bug (CVE-2021-1602, CVSS score: 8.2) impacting Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers that could be leveraged by an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. Small Business RV Series Routers running firmware versions earlier than 1.0.01.04 are susceptible.

 

"This vulnerability is due to insufficient user input validation. An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface," the company said. "A successful exploit could allow the attacker to execute arbitrary commands on an affected device using root-level privileges. Due to the nature of the vulnerability, only commands without parameters can be executed."

 

The company noted there's been no evidence of active exploitation attempts in the wild for any of these flaws, nor are there any workarounds that address the vulnerabilities.

 

CVE-2021-1602 marks the second time Cisco has fixed critical remote code execution flaws concerning the same set of VPN appliances. Earlier this February, the company patched 35 flaws that could potentially allow an unauthenticated, remote attacker to execute arbitrary code as the root user on an affected device.
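Because no workarounds exist, remediation comes down to finding every affected router still below the fixed release. The following inventory triage is an added example, not code from the article or from Cisco; the CSV layout, hostnames and sample firmware strings are constructed assumptions, while the models, fixed versions and CVE scores are the ones stated above.

```python
import csv, io

# Fixed-release thresholds and CVEs exactly as stated in the article above.
ADVISORIES = [
    {"models": {"RV340", "RV340W", "RV345", "RV345P"}, "fixed": "1.0.03.22",
     "cves": [("CVE-2021-1609", 9.8), ("CVE-2021-1610", 7.2)]},
    {"models": {"RV160", "RV160W", "RV260", "RV260P", "RV260W"}, "fixed": "1.0.01.04",
     "cves": [("CVE-2021-1602", 8.2)]},
]

def parse_version(text):
    """Turn '1.0.03.22' into (1, 0, 3, 22); return None if not dotted-numeric."""
    parts = text.strip().split(".")
    if not all(p.isascii() and p.isdigit() for p in parts):
        return None
    return tuple(int(p) for p in parts)

def triage(inventory_csv):
    """Return (host, model, firmware, status, cves) tuples, worst CVSS first."""
    findings = []
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        model = row["model"].strip().upper()
        adv = next((a for a in ADVISORIES if model in a["models"]), None)
        if adv is None:
            continue  # model is not one of those named in the article
        have, fixed = parse_version(row["firmware"]), parse_version(adv["fixed"])
        # Compare numerically per component: as plain strings "1.0.3.9" would
        # sort after "1.0.03.22". Unreadable versions are never assumed patched.
        status = ("UNKNOWN" if have is None
                  else "VULNERABLE" if have < fixed else "PATCHED")
        cves = [] if status == "PATCHED" else [c for c, _ in adv["cves"]]
        worst = max(s for _, s in adv["cves"]) if cves else 0.0
        findings.append((worst, row["host"], model, row["firmware"].strip(), status, cves))
    findings.sort(key=lambda f: (-f[0], f[1]))
    return [f[1:] for f in findings]

# Constructed sample inventory (hosts and firmware strings are made up).
SAMPLE = """host,model,firmware
edge-01,RV340,1.0.03.21
edge-02,rv345p,1.0.03.22
branch-07,RV260W,1.0.01.03
branch-09,RV160,1.0.01.04
lab-03,RV340W,1.0.3.9
lab-04,RV260,unknown
core-01,ISR4331,16.9.4
"""

if __name__ == "__main__":
    for finding in triage(SAMPLE):
        print(*finding, sep="\t")
```

Rows reported as `UNKNOWN` need a manual firmware check on the device before they are treated as patched.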
