Cisco Patches High-Severity Vulnerabilities in Analog Telephone Adapters

Cisco has released patches for multiple vulnerabilities in ATA 190 series firmware, including two high-severity flaws.

Cisco on Wednesday announced patches for eight vulnerabilities in the firmware of ATA 190 series analog telephone adapters, including two high-severity flaws leading to configuration changes and cross-site request forgery (CSRF) attacks.

Impacting the web-based management interface of the firmware and tracked as CVE-2024-20458, the first bug exists because specific HTTP endpoints lack authentication, allowing remote, unauthenticated attackers to browse to a specific URL and view or delete configurations, or modify the firmware.

The second issue, tracked as CVE-2024-20421, allows remote, unauthenticated attackers to conduct CSRF attacks and perform arbitrary actions on vulnerable devices. An attacker can exploit the flaw by persuading a user who is logged in to the management interface to click a crafted link, so that the user's browser submits the request with the user's privileges.
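The two high-severity bugs described above are instances of two generic web-interface failure modes: a state-changing endpoint that never checks for a session (missing authentication), and a state-changing endpoint that trusts any request the browser attaches a session cookie to (CSRF). The following is an added illustration, not Cisco's firmware code and not derived from the advisories: the endpoint paths (`/admin/config`, `/admin/reboot`), the management hostname `ata.example.net`, the `Adapter` class and the requests in `demo()` are all constructed for the example. It contrasts a weak dispatcher with a hardened one that requires a session on every endpoint and, for non-idempotent methods, a same-site `Origin` plus a per-session CSRF token that a cross-site page cannot read.

```python
import hmac
import secrets
from dataclasses import dataclass, field

# Hypothetical management hostname used for the Origin check (assumption,
# not Cisco's).
MGMT_ORIGIN = "https://ata.example.net"


@dataclass
class Request:
    """Minimal stand-in for an HTTP request reaching the management UI."""
    method: str
    path: str
    headers: dict = field(default_factory=dict)
    form: dict = field(default_factory=dict)


class Adapter:
    """Toy management interface; paths are illustrative, not Cisco's."""

    def __init__(self):
        self.config = {"sip_proxy": "10.0.0.5", "line1": "1001"}
        self.sessions = {}        # session id -> per-session CSRF token
        self.rebooted = False

    def login(self):
        """Return a session id; the browser would carry it as a cookie."""
        sid = secrets.token_hex(16)
        self.sessions[sid] = secrets.token_hex(16)
        return sid

    def csrf_token(self, sid):
        return self.sessions[sid]

    def _session(self, req):
        """Return the valid session id from the Cookie header, if any."""
        for part in req.headers.get("Cookie", "").split(";"):
            name, _, value = part.strip().partition("=")
            if name == "session" and value in self.sessions:
                return value
        return None

    def _dispatch(self, req):
        """Shared endpoint logic; only the access checks differ."""
        if req.path == "/admin/config":
            if req.method == "DELETE":
                self.config.clear()
                return 200, "configuration deleted"
            return 200, dict(self.config)
        if req.path == "/admin/reboot" and req.method == "POST":
            self.rebooted = True
            return 200, "rebooting"
        return 404, "not found"

    def handle_weak(self, req):
        """Weak pattern: /admin/config is reachable with no session at all
        (missing authentication), and /admin/reboot accepts any request
        the browser attaches a session cookie to (CSRF)."""
        if req.path == "/admin/reboot" and self._session(req) is None:
            return 401, "login required"
        return self._dispatch(req)

    def handle_hardened(self, req):
        """Hardened pattern: every endpoint requires a session, and
        state-changing methods also require a same-site Origin and a
        per-session CSRF token that a cross-site page cannot read."""
        sid = self._session(req)
        if sid is None:
            return 401, "login required"
        if req.method not in ("GET", "HEAD"):
            origin = req.headers.get("Origin") or req.headers.get("Referer", "")
            if not origin.startswith(MGMT_ORIGIN):
                return 403, "cross-site request rejected"
            token = req.form.get("csrf_token", "")
            if not hmac.compare_digest(token, self.sessions[sid]):
                return 403, "missing or invalid CSRF token"
        return self._dispatch(req)


def demo():
    """Constructed requests showing both failure modes and the fix."""
    weak, hard = Adapter(), Adapter()
    # 1. Unauthenticated configuration deletion: no cookie at all.
    delete = Request("DELETE", "/admin/config")
    # 2. A crafted page POSTs to the reboot URL; the browser attaches the
    #    victim's session cookie, but the page cannot supply the token.
    sid_w, sid_h = weak.login(), hard.login()
    evil = "https://evil.example"
    csrf_w = Request("POST", "/admin/reboot",
                     headers={"Cookie": f"session={sid_w}", "Origin": evil})
    csrf_h = Request("POST", "/admin/reboot",
                     headers={"Cookie": f"session={sid_h}", "Origin": evil})
    # 3. The legitimate UI sends the same request with a same-site Origin
    #    and the token it read from the page.
    legit = Request("POST", "/admin/reboot",
                    headers={"Cookie": f"session={sid_h}", "Origin": MGMT_ORIGIN},
                    form={"csrf_token": hard.csrf_token(sid_h)})
    return {
        "weak_delete": weak.handle_weak(delete)[0],
        "weak_csrf": weak.handle_weak(csrf_w)[0],
        "hard_delete": hard.handle_hardened(delete)[0],
        "hard_csrf": hard.handle_hardened(csrf_h)[0],
        "hard_legit": hard.handle_hardened(legit)[0],
        "weak_config_left": len(weak.config),
        "hard_config_left": len(hard.config),
    }


if __name__ == "__main__":
    for name, status in demo().items():
        print(f"{name}: {status}")
```

The Origin check alone is not sufficient on its own (older clients and some proxies strip the header), which is why the hardened handler also demands the per-session token; `hmac.compare_digest` keeps the token comparison constant-time.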

Cisco also patched a medium-severity vulnerability (CVE-2024-20459) that could allow remote, authenticated attackers to execute arbitrary commands with root privileges.

The remaining five security defects, all medium severity, could be exploited to conduct cross-site scripting (XSS) attacks, execute arbitrary commands as root, view passwords, modify device configurations or reboot the device, and run commands with administrator privileges.

According to Cisco, ATA 191 (on-premises or multiplatform) and ATA 192 (multiplatform) devices are affected. Cisco says no workarounds are available, but disabling the web-based management interface in the ATA 191 on-premises firmware mitigates six of the eight flaws.

Patches for these bugs were included in firmware version 12.0.2 for the ATA 191 analog telephone adapters, and firmware version 11.2.5 for the ATA 191 and 192 multiplatform analog telephone adapters.

On Wednesday, Cisco also announced patches for two medium-severity security defects in the UCS Central Software enterprise management solution and the Unified Contact Center Management Portal (Unified CCMP) that could lead to sensitive information disclosure and XSS attacks, respectively.

Cisco makes no mention of any of these vulnerabilities being exploited in the wild. Additional information can be found on the company’s security advisories page.

Written By

Ionut Arghire is an international correspondent for SecurityWeek.
