Cisco has patched 11 High severity vulnerabilities in Cisco NX-OS Software, Nexus switches, Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) Software.
One of the High severity fixes addresses a Read-Only Path Traversal vulnerability CVE-2020-3452 in the web services interface of Cisco ASA and FTD Software.
As a result, the vulnerability could allow an unauthenticated, remote attacker to conduct directory traversal attacks and read sensitive files on a targeted system.
“A successful exploit could allow the attacker to view arbitrary files within the web services file system on the targeted device. As an example, this could allow an attacker to impersonate another VPN user and establish a Clientless SSL VPN or AnyConnect VPN session to the device as that user,” Cisco warned in the advisory.
NX-OS Software vulnerabilities
In all, Cisco patched 8 High severity vulnerabilities in NX-OS software, to include:
- Cisco NX-OS Software Data Management Engine Remote Code Execution Vulnerability (CVE-2020-3415)
- Cisco NX-OS Software Border Gateway Protocol Multicast VPN Session Denial of Service Vulnerability (CVE-2020-3398)
- Cisco NX-OS Software Border Gateway Protocol Multicast VPN Denial of Service Vulnerability (CVE-2020-3397)
- Cisco NX-OS Software Call Home Command Injection Vulnerability (CVE-2020-3454)
- Cisco NX-OS Software CLI Arbitrary Command Injection Vulnerability (CVE-2018-0307)
- Cisco NX-OS Software CLI Arbitrary Command Execution Vulnerability (CVE-2018-0306)
- Cisco NX-OS Software IPv6 Protocol Independent Multicast Denial of Service Vulnerability (CVE-2020-3338)
- Cisco FXOS and NX-OS Software Cisco Fabric Services Denial of Service Vulnerability (CVE-2020-3517)
An attacker could exploit some of these vulnerabilities to take control of an affected system, read sensitive files or launch denial of service attacks.
Nexus switch privilege escalation
In addition, Cisco patched a privileged escalation vulnerability CVE-2020-3394 that affects Cisco Nexus 3000 and 9000 Series switches.
“The vulnerability is due to a logic error in the implementation of the enable command. An attacker could exploit this vulnerability by logging in to the device and issuing the enable command,” Cisco explained in the advisory.
“A successful exploit could allow the attacker to gain full administrative privileges without using the enable password.”
Cisco also noted that The Enable Secret feature is disabled by default.
Last but certainly not least, Cisco patched a vulnerability CVE-2019-1896 in the web-based management interface of Cisco Integrated Management Controller (IMC). If devices are left unpatched, a remote attacker could inject arbitrary commands and obtain root privileges on affected devices.
Network administrators should apply the necessary updates as soon as possible.
- Alert: Threat actors continue to exploit patched Pulse Secure VPN devices
- Organizations need heightened level of Enterprise VPN security in the wake of Coronavirus Pandemic
- Cisco patches Critical default credentials vulnerability (CVE-2020-3446) in network appliances
- Attackers are exploiting Cisco ASA and FTD Software vulnerability (CVE-2020-3452)
- Cisco patches Critical vulnerabilities in VPN and Router products
- Cisco releases Critical Treck IP Stack advisory and 7 other High severity updates