Several Vulnerabilities Found in Cisco Industrial Network Director

Cisco on Wednesday informed customers that several vulnerabilities, including a code execution flaw classified as “high severity,” have been found in the company’s Industrial Network Director product.

Cisco Industrial Network Director is specifically designed for managing industrial networks and it allows operations teams to gain full visibility into their automation network.

While conducting internal security testing, Cisco employees identified three types of vulnerabilities in Industrial Network Director. The most serious of them, tracked as CVE-2019-1861 with a CVSS score of 7.2, is a remote code execution flaw.

While these types of vulnerabilities can be dangerous, Cisco’s advisory reveals that exploitation of CVE-2019-1861 requires the attacker to authenticate on the targeted system with admin privileges and upload a malicious file. This would allow them to execute arbitrary code with elevated privileges.

The security hole has been patched with the release of version 1.6.0. Prior versions are impacted.

Cisco also discovered that Industrial Network Director is affected by a stored cross-site scripting (XSS) vulnerability that can be exploited remotely by an authenticated attacker for XSS attacks, and a cross-site request forgery (CSRF) flaw that allows an unauthenticated attacker to perform arbitrary actions on the targeted device by getting a legitimate user to click on a malicious link.

The XSS and CSRF vulnerabilities have been classified as “medium severity” and they have not been patched.

Cisco also informed customers on Wednesday that the authentication system used by Cisco Unified Communications Manager IM and Presence (Unified CM IM&P), TelePresence Video Communication Server (VCS), and Expressway Series is affected by a security hole that can be exploited remotely without authentication for denial-of-service (DoS) attacks. Patches have been released for this vulnerability.

Another interesting vulnerability disclosed by Cisco this week affects the BIOS upgrade utility for Unified Computing System (UCS) C-Series Rack Servers. A local, authenticated attacker can install a malicious BIOS on affected devices due to insufficient validation of firmware images. A patch has not been released.

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
