Cisco is one of the world’s leading technology companies, so a security flaw in one of their equipment or solutions could compromise the operations of thousands of organizations, regardless of whether they are large companies or small businesses. Network security experts report the presence of three security flaws on Cisco 220 Series smart switches that could put a corporate network in a compromising situation.
After receiving the report, the company was
quick to release the corresponding update patches, so users are advised to
install these fixes as soon as possible.
In a security notice issued yesterday, the
company advised organizations using these switches to update the device
firmware as soon as possible to prevent attacks that could compromise
enterprise networks.
Cisco added in their security notice that
updates focused on switch firmware, and that it was essential for system
administrators to install them to mitigate the risk of exploiting
vulnerabilities, reported network security specialists.
The company added that vulnerabilities can be
exploited by remote hackers to perform various malicious activities, such as
uploading files, executing code, and injecting commands on exposed switches. In
case system administrators are unable to install updates at this time, a
workaround is to shut down the switch’s web management interface, as that is
where the security flaws reside.
The first flaw (CVE-2019-1913) is a remote
code execution vulnerability that received a score of 9.8/10 on the
Common Vulnerability Scoring System (CVSS) scale; the flaw would allow hackers
to execute malicious code with root user privileges by sending an HTTP or HTTPS
request.
The second vulnerability (CVE-2019-1912) is an
authentication bypass flaw that allows hackers to upload arbitrary files to the
device. The flaw received a score of 9.1/10 on the CVSS scale.
Finally, the third vulnerability (CVE-2019-1914)
is a command injection flaw that allows privilege escalations; to be exploited,
attackers require a legitimate login to access the switch’s web interface. This
vulnerability received a score of 7.2/10 on the CVSS scale.
Network security specialists from the
International Institute for Cyber Security (IICS) claim that Cisco networking
devices are one of the cybercriminals’ favorite targets due to their presence
in virtually any implementation of business network. Just a few months ago, the
company had released an update patch to fix remote code execution vulnerability
present on millions of devices; this flaw received a score of 10/10 on the CVSS
scale.
Just a couple of months ago, a group of network
security experts reported the discovery of a vulnerability, known as
Tgrangrycat, that affected millions of Cisco routers, switches, and firewalls
that allowed hackers to inject remote code by exploiting a known vulnerability.
Just a few days ago, news was released that Cisco would pay compensation to the
U.S. government due to the sale of vulnerable software. Cisco’s faulty product
was used in monitoring and surveillance systems at the facilities of some
government organizations.
