Cisco patches Critical Vulnerability, warns of known public exploits


Cisco released security updates to patch a critical vulnerability in a Cisco IOS product, as well as high severity bugs in Cisco Wireless LAN, IOS, and other products. One critical and one high severity advisory have also been updated to note known public exploits, as recently revealed in the Sea Turtle DNS hijacking campaign.

One of the Cisco patches addresses a Critical “Network Isolation” vulnerability, CVE-2019-1710, in Cisco ASR 9000 Series Aggregation Services Routers running Cisco IOS XR 64-bit Software. A remote attacker could exploit the vulnerability to gain unauthenticated access to internal applications running on the sysadmin VM.

A second advisory is an update to a previous patch published back in March 17 for a critical vulnerability, CVE-2017-3881, in the Cisco IOS and IOS XE Software Cluster Management Protocol. A remote attacker could exploit the bug and execute code with elevated privileges.

On Wednesday, the Cisco Product Security Incident Response Team (PSIRT) said it is aware of exploitation of the CVE-2017-3881 vulnerability.

Cisco also updated another security advisory for known public exploits of three high risk Cisco IOS and IOS XE Software SNMP Remote Code Execution vulnerabilities (CVE-2017-6736, CVE-2017-6737 and CVE-2017-6738) patched in June of 2017.

Cisco also references each of the above known exploits in the Talos report about the “Sea Turtle” DNS hijacking campaign.

Multiple High severity vulnerabilities were also patched in Cisco’s Wireless LAN Controller software that could result in Denial of Service (DoS).

One patch addresses a DoS vulnerability, CVE-2018-0248, in the administrative GUI configuration feature of Cisco Wireless LAN Controller (WLC) Software. Cisco said a remote attacker could “cause the device to reload unexpectedly during device configuration when the administrator is using this GUI,” thus resulting in a DoS condition.

A second high risk advisory addresses three vulnerabilities (CVE-2019-1796, CVE-2019-1799 and CVE-2019-1800) in the handling of Inter-Access Point Protocol (IAPP) messages by Cisco Wireless LAN Controller (WLC) Software. Exploitation of these bugs could also result in a DoS condition on affected devices.

A third high risk patch fixes a Cisco Wireless LAN Controller Software Cross-Site Request Forgery Vulnerability (CVE-2019-1797).

Finally, two other high risk updates address a Cisco Expressway Series and Cisco TelePresence Video Communication Server Denial of Service Vulnerability (CVE-2019-1721) and a Cisco Aironet Series Access Points Development Shell Access Vulnerability (CVE-2019-1654).

Cisco also released 23 other security advisories for Moderate severity vulnerabilities in multiple products. See more details on Cisco’s Security Advisories and Alerts site.