Security Experts:

Connect with us

Hi, what are you looking for?



Several Vulnerabilities Found in Cisco Industrial Network Director

Cisco on Wednesday informed customers that several vulnerabilities, including a code execution flaw classified as “high severity,” have been found in the company’s Industrial Network Director product.

Cisco on Wednesday informed customers that several vulnerabilities, including a code execution flaw classified as “high severity,” have been found in the company’s Industrial Network Director product.

Cisco Industrial Network Director is specifically designed for managing industrial networks and it allows operations teams to gain full visibility into their automation network.

While conducting internal security testing, Cisco employees identified three types of vulnerabilities in Industrial Network Director. The most serious of them, tracked as CVE-2019-1861 with a CVSS score of 7.2, is a remote code execution flaw.

While these types of vulnerabilities can be dangerous, Cisco’s advisory reveals that exploitation of CVE-2019-1861 requires the attacker to authenticate on the targeted system with admin privileges and upload a malicious file. This would allow them to execute arbitrary code with elevated privileges.

The security hole has been patched with the release of version 1.6.0. Prior versions are impacted.

Cisco also discovered that Industrial Network Director is affected by a stored cross-site scripting (XSS) vulnerability that can be exploited remotely by an authenticated attacker for XSS attacks, and a cross-site request forgery (CSRF) flaw that allows an unauthenticated attacker to perform arbitrary actions on the targeted device by getting a legitimate user to click on a malicious link.

The XSS and CSRF vulnerabilities have been classified as “medium severity” and they have not been patched.

Learn More About Vulnerabilities in Industrial Products at SecurityWeek’s 2019 ICS Cyber Security Conference

Cisco also informed customers on Wednesday that the authentication system used by Cisco Unified Communications Manager IM and Presence (Unified CM IM&P), TelePresence Video Communication Server (VCS), and Expressway Series is affected by a security hole that can be exploited remotely without authentication for denial-of-service (DoS) attacks. Patches have been released for this vulnerability.

Another interesting vulnerability disclosed by Cisco this week affects the BIOS upgrade utility for Unified Computing System (UCS) C-Series Rack Servers. A local, authenticated attacker can install a malicious BIOS on affected devices due to insufficient validation of firmware images. A patch has not been released.

Related: Rockwell Patches Stratix Switch Flaws Introduced by Cisco Software

Related: Default Account in Cisco CSPC Allows Unauthorized Access

Related: Cisco Patches Critical Vulnerability in Data Center Switches

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Expert Insights

Related Content

Network Security

NSA publishes guidance to help system administrators identify and mitigate cyber risks associated with transitioning to IPv6.


Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.

Mobile & Wireless

Technical details published for an Arm Mali GPU flaw leading to arbitrary kernel code execution and root on Pixel 6.

Mobile & Wireless

Apple’s iOS 12.5.7 update patches CVE-2022-42856, an actively exploited vulnerability, in old iPhones and iPads.