Cisco has released software updates to address several critical and high severity vulnerabilities identified in various networking and security products.
One of the critical flaws, with a CVSS score of 10, is an unauthorized access issue (CVE-2015-6314) affecting several Cisco standalone and modular controllers running Wireless LAN Controller (WLC) software versions 7.6.120.0 and later, 8.0 and later, and 8.1 and later.
According to Cisco, a remote, unauthenticated attacker could exploit this vulnerability to modify a device’s configuration, which could lead to the device being completely compromised.
Another critical unauthorized access vulnerability (CVE-2015-6323) has been found in the admin portal of devices running Cisco Identity Services Engine (ISE), a policy management platform designed for automating and enforcing security access to network resources.
A remote, unauthenticated attacker who can connect to the admin portal can exploit the weakness to gain access and take control of vulnerable devices. Devices running Cisco ISE 1.1 or later, 1.2.0 prior to patch 17, 1.2.1 prior to patch 8, 1.3 prior to patch 5, and 1.4 prior to patch 4 are affected.
Cisco revealed on Wednesday that ISE is also plagued by a medium severity unauthorized access flaw that allows a remote, authenticated attacker to gain access to web resources that should only be accessible to administrative users.
Advisories published by Cisco on Wednesday also detail a couple of high severity vulnerabilities affecting Aironet 1800 Series Access Point devices. One of the issues is related to the existence of static credentials (CVE-2015-6336) that can be leveraged by a remote, unauthenticated attacker to log in to vulnerable devices. Cisco has pointed out that the exposed account does not have full admin privileges by default.
The second high severity bug in Aironet 1800 devices can be exploited remotely by an unauthenticated attacker to cause a denial-of-service (DoS) condition on the device by sending it a specially crafted IP packet (CVE-2015-6320).
All of these flaws were uncovered during internal security and quality assurance testing. Cisco says it’s not aware of any instances in which these vulnerabilities have been exploited for malicious purposes.
Since there are no workarounds for any of the security holes, users are advised to install the available updates as soon as possible.
After news broke that unauthorized code had been found in Juniper Networks’ ScreenOS firewall operating system, Cisco announced its intention to review its own products for similar malicious changes. In the case of Juniper, the unauthorized code found by the company introduced a backdoor and a weakness that can be exploited to decrypt VPN traffic.
Reports about a backdoor in Fortinet’s FortiOS operating system emerged earlier this week, but the enterprise security vendor said the issue was an unintentional bug patched in mid-2014, not a malicious backdoor.
