Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Vulnerabilities

Cisco Releases Critical Security Updates

Cisco published six new security advisories this week, with four rated as ‘high impact’ and two as ‘critical impact’. Released on Wednesday, in the order of publication, they are:

Cisco published six new security advisories this week, with four rated as ‘high impact’ and two as ‘critical impact’. Released on Wednesday, in the order of publication, they are:

CVE-2016-1290 – A vulnerability in the web API of the Cisco Prime Infrastructure and EPNM could allow an attacker to send a crafted URL request to by-pass RBAC and gain elevated privileges. The impact is classified as high. 

CVE-2016-1291 A second vulnerability in the web API of the Cisco Prime Infrastructure and EPNM could allow an attacker to execute arbitrary code with root-level privileges. The impact is classified as critical. 

CVE-2016-1346 – This vulnerability in the TelePresence Server fails to properly handle IPv6 packets. A successful exploit could allow an attacker to cause a kernel panic, rebooting the device. The impact is classified as high. 

CVE-2016-1313 – The SSH private key for the UCS Invicta is stored insecurely in the system. As a result, an attacker could steal the key and use it to gain root privileges on the system. The impact is classified as critical. 

CVE-2015-6313 – A second vulnerability in the TelePresence Server fails to properly parse specially crafted ‘evil packets’. Multiple packets eventually cause memory exhaustion and a system crash. The impact is classified as high. 

CVE-2015-6312 – A vulnerability in the TelePresence Server version 3.1 fails to properly process malformed STUN packets. A successful attack could cause the device to reboot and drop all calls in the process. The impact is classified as high. 

Cisco is advising administrators to install all relevant patches as soon as possible.

SecurityWeek asked whitehat researcher Ivan Sanchez what he thought of the vulnerabilities. “Most of these Cisco products are used in IT networks, but some are also used in OT networks. That is not a good idea,” he said. He also expressed astonishment that a company like Cisco could still be storing a default SSH key hardcoded in the software.

Sanchez demonstrated the worldwide extent of the problem with a heat map of the TelePresence Servers that were currently on line around the world. Three of the vulnerabilities affect this server, and each one can be delivered remotely. Until patched, every one of these servers is susceptible to remote attacks; and none of the attacks would be particularly difficult to craft and deliver.

It is, as Cisco suggests, important to update systems as soon as possible.

Written By

Click to comment

Expert Insights

Related Content

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

IoT Security

Lexmark warns of a remote code execution (RCE) vulnerability impacting over 120 printer models, for which PoC code has been published.

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.

Email Security

Microsoft is urging customers to install the latest Exchange Server updates and harden their environments to prevent malicious attacks.

Mobile & Wireless

Technical details published for an Arm Mali GPU flaw leading to arbitrary kernel code execution and root on Pixel 6.

Vulnerabilities

Security researchers have observed an uptick in attacks targeting CVE-2021-35394, an RCE vulnerability in Realtek Jungle SDK.

Vulnerabilities

Google has awarded more than $25,000 to the researchers who reported the vulnerabilities patched with the release of the latest Chrome update.

Mobile & Wireless

Apple’s iOS 12.5.7 update patches CVE-2022-42856, an actively exploited vulnerability, in old iPhones and iPads.