Saturday, December 2, 2023

18 Vulnerabilities that Affected Cisco Software’s Let Hackers Perform DOS, RCE to Gain Unauthorized System Access

By Balaji

Cisco Software

Cisco released new security updates for multiple software products such as Cisco ASA, FMC, and FTD Software that affects 18 vulnerabilities in various category.

Cisco addressed all the 18 vulnerabilities as a “High” severity category, and the successful exploitation allows malicious hackers to gain unauthorized access to the systems deployed with vulnerable Cisco software.

All the vulnerabilities affected 3 major Cisco software 1. Cisco ASA Software, 2.Cisco FMC Software, and 3. Cisco FTD Software.

Out of 18 vulnerabilities,12 vulnerabilities affected Cisco FMC Software which is used in the Cisco Firepower Management Center Virtual Appliance, Four of the vulnerabilities affect both Cisco ASA Software, and Cisco FTD Software, another 2 vulnerabilities affected Cisco ASA Software and Cisco FTD Software respectively.

In this case, Cisco FMC Software is heavily impacted through some of the dangerous vulnerabilities that lead attackers to perform serious attacks such as SQL injection, command injection and remote code execution on the Cisco Firepower Management Center.

Cisco patched a remote code execution vulnerability ( CVE-2019-12687) that resides in the web UI of the Cisco Firepower Management Center (FMC) that allows attackers to execute arbitrary commands on the vulnerable devices.

There are 9 SQL injection vulnerabilities patched for Cisco FMC Software. These vulnerabilities exist due to improper input validation. An attacker could exploit these vulnerabilities by sending crafted SQL queries to an affected device.

“A successful exploit could allow the attacker to view information that they are not authorized to view, make changes to the system that they are not authorized to make, and execute commands within the underlying operating system that may affect the availability of the device.”

Another vulnerability (CVE-2019-12678) in Session Initiation Protocol (SIP) inspection module of Cisco Adaptive Security Appliance (ASA) Software let unauthenticated remote attacker perform DoS attack.

Cisco Security Updates

Cisco Security AdvisoryCVE IDSecurity Impact RatingCVSS Base Score
cisco-sa-20191002-asa-dos
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software FTP Inspection Denial of Service Vulnerability		CVE-2019-12673High8.6
cisco-sa-20191002-asa-ftd-ikev1-dos
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IKEv1 Denial of Service Vulnerability		CVE-2019-15256High8.6
cisco-sa-20191002-asa-ospf-lsa-dos
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software OSPF LSA Processing Denial of Service Vulnerability		CVE-2019-12676High7.4
cisco-sa-20191002-asa-ftd-sip-dos
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SIP Inspection Denial of Service Vulnerability		CVE-2019-12678High8.6
cisco-sa-20191002-asa-ssl-vpn-dos
Cisco Adaptive Security Appliance Software SSL VPN Denial of Service Vulnerability		CVE-2019-12677High7.7
cisco-sa-20191002-fmc-com-inj
Cisco Firepower Management Center Command Injection Vulnerability		CVE-2019-12690High7.2
cisco-sa-20191002-fmc-rce
Cisco Firepower Management Center Remote Code Execution Vulnerability		CVE-2019-12687,CVE-2019-12688High8.8
cisco-sa-20191002-fmc-rce-12689
Cisco Firepower Management Center Remote Code Execution Vulnerability		CVE-2019-12689High7.5
cisco-sa-20191002-fmc-sql-inj
Cisco Firepower Management Center SQL Injection Vulnerabilities		CVE-2019-12679,CVE-2019-12680,CVE-2019-12681,CVE-2019-12682,CVE-2019-12683,CVE-2019-12684,CVE-2019-12685,CVE-2019-12686High8.8
cisco-sa-20191002-ftd-container-esc
Cisco Firepower Threat Defense Software Multi-instance Container Escape Vulnerabilities		CVE-2019-12675,CVE-2019-12674High8.2

Cisco advised to the affected customers to apply these patches immediately to keep the network and application safe and secure from cyber attack.

Cisco has released updates to address this vulnerability; you can find the advisory here.

Also Read: 10 Best Vulnerability Scanning Tools For Penetration Testing – 2019

Managed WAF Protection

Website

Latest articles

Chrome

Active Attacks Targeting Google Chrome & ownCloud Flaws: CISA Warns

The CISA announced two known exploited vulnerabilities active attacks targeting Google Chrome & own...
CVE/vulnerability

Cactus Ransomware Exploiting Qlik Sense code execution Vulnerability

A new Cactus Ransomware was exploited in the code execution vulnerability to Qlik Sense...
Cyber Security News

Hackers Bypass Antivirus with ScrubCrypt Tool to Install RedLine Malware

The ScrubCrypt obfuscation tool has been discovered to be utilized in attacks to disseminate the RedLine Stealer...
Cyber Security News

Hotel’s Booking.com Hacked Logins Let Attacker Steal Guest Credit Cards

According to a recent report by Secureworks, a well-planned and advanced phishing attack was...
CVE/vulnerability

Critical Zoom Vulnerability Let Attackers Take Over Meetings

Zoom, the most widely used video conferencing platform has been discovered with a critical...
cyber security

Hackers Using Weaponized Invoice to Deliver LUMMA Malware

Hackers use weaponized invoices to exploit trust in financial transactions, embedding malware or malicious...
cryptocurrency

US-Seized Crypto Currency Mixer Used by North Korean Lazarus Hackers

The U.S. Treasury Department sanctioned the famous cryptocurrency mixer Sinbad after it was claimed...
Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

API Attack Simulation Webinar

Live API Attack Simulation

In the upcoming webinar, Karthik Krishnamoorthy, CTO and Vivek Gopalan, VP of Products at Indusface demonstrate how APIs could be hacked.The session will cover:an exploit of OWASP API Top 10 vulnerability, a brute force account take-over (ATO) attack on API, a DDoS attack on an API, how a WAAP could bolster security over an API gateway

Register Your Spot

Related Articles

Connect with GBHackers On Security

Join 70,000 Security Professionals

Stay safe online with free daily cybersecurity updates. Sign up now!

GBHackers on security is a highly informative and reliable Cyber Security News platform that provides the latest and most relevant updates on Cyber Security News, Hacking News, Technology advancements, and Kali Linux tutorials on a daily basis. The platform is dedicated to keeping the community well-informed and up-to-date with the constantly evolving Cyber World.

Menu

Contact US:

[email protected]