Monday, October 7, 2024
HomeCisco18 Vulnerabilities that Affected Cisco Software's Let Hackers Perform DOS, RCE to...

18 Vulnerabilities that Affected Cisco Software’s Let Hackers Perform DOS, RCE to Gain Unauthorized System Access

Published on

Cisco released new security updates for multiple software products such as Cisco ASA, FMC, and FTD Software that affects 18 vulnerabilities in various category.

Cisco addressed all the 18 vulnerabilities as a “High” severity category, and the successful exploitation allows malicious hackers to gain unauthorized access to the systems deployed with vulnerable Cisco software.

All the vulnerabilities affected 3 major Cisco software 1. Cisco ASA Software, 2.Cisco FMC Software, and 3. Cisco FTD Software.

- Advertisement - EHA

Out of 18 vulnerabilities,12 vulnerabilities affected Cisco FMC Software which is used in the Cisco Firepower Management Center Virtual Appliance, Four of the vulnerabilities affect both Cisco ASA Software, and Cisco FTD Software, another 2 vulnerabilities affected Cisco ASA Software and Cisco FTD Software respectively.

In this case, Cisco FMC Software is heavily impacted through some of the dangerous vulnerabilities that lead attackers to perform serious attacks such as SQL injection, command injection and remote code execution on the Cisco Firepower Management Center.

Cisco patched a remote code execution vulnerability ( CVE-2019-12687) that resides in the web UI of the Cisco Firepower Management Center (FMC) that allows attackers to execute arbitrary commands on the vulnerable devices.

There are 9 SQL injection vulnerabilities patched for Cisco FMC Software. These vulnerabilities exist due to improper input validation. An attacker could exploit these vulnerabilities by sending crafted SQL queries to an affected device.

“A successful exploit could allow the attacker to view information that they are not authorized to view, make changes to the system that they are not authorized to make, and execute commands within the underlying operating system that may affect the availability of the device.”

Another vulnerability (CVE-2019-12678) in Session Initiation Protocol (SIP) inspection module of Cisco Adaptive Security Appliance (ASA) Software let unauthenticated remote attacker perform DoS attack.

Cisco Security Updates

Cisco Security AdvisoryCVE IDSecurity Impact RatingCVSS Base Score
cisco-sa-20191002-asa-dos
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software FTP Inspection Denial of Service Vulnerability
CVE-2019-12673High8.6
cisco-sa-20191002-asa-ftd-ikev1-dos
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IKEv1 Denial of Service Vulnerability
CVE-2019-15256High8.6
cisco-sa-20191002-asa-ospf-lsa-dos
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software OSPF LSA Processing Denial of Service Vulnerability
CVE-2019-12676High7.4
cisco-sa-20191002-asa-ftd-sip-dos
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SIP Inspection Denial of Service Vulnerability
CVE-2019-12678High8.6
cisco-sa-20191002-asa-ssl-vpn-dos
Cisco Adaptive Security Appliance Software SSL VPN Denial of Service Vulnerability
CVE-2019-12677High7.7
cisco-sa-20191002-fmc-com-inj
Cisco Firepower Management Center Command Injection Vulnerability
CVE-2019-12690High7.2
cisco-sa-20191002-fmc-rce
Cisco Firepower Management Center Remote Code Execution Vulnerability
CVE-2019-12687,CVE-2019-12688High8.8
cisco-sa-20191002-fmc-rce-12689
Cisco Firepower Management Center Remote Code Execution Vulnerability
CVE-2019-12689High7.5
cisco-sa-20191002-fmc-sql-inj
Cisco Firepower Management Center SQL Injection Vulnerabilities
CVE-2019-12679,CVE-2019-12680,CVE-2019-12681,CVE-2019-12682,CVE-2019-12683,CVE-2019-12684,CVE-2019-12685,CVE-2019-12686High8.8
cisco-sa-20191002-ftd-container-esc
Cisco Firepower Threat Defense Software Multi-instance Container Escape Vulnerabilities
CVE-2019-12675,CVE-2019-12674High8.2

Cisco advised to the affected customers to apply these patches immediately to keep the network and application safe and secure from cyber attack.

Cisco has released updates to address this vulnerability; you can find the advisory here.

Also Read: 10 Best Vulnerability Scanning Tools For Penetration Testing – 2019

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

Hybrid Analysis Utilizes Criminal IP’s Robust Domain Data for Better Malware Detection

Criminal IP, a renowned Cyber Threat Intelligence (CTI) search engine developed by AI SPERA,...

RCE Vulnerability (CVE-2024-30052) Allow Attackers To Exploit Visual Studio via Dump Files

The researcher investigated the potential security risks associated with debugging dump files in Visual...

Cacti Network Monitoring Tool Vulnerability Let Attackers Execute Remote Code

A critical security vulnerability has been identified in the Cacti network monitoring tool that...

Microsoft & DOJ Dismantles Hundreds of Websites Used by Russian Hackers

Microsoft and the U.S. Department of Justice (DOJ) have disrupted the operations of Star...

Free Webinar

Decoding Compliance | What CISOs Need to Know

Non-compliance can result in substantial financial penalties, with average fines reaching up to $4.5 million for GDPR breaches alone.

Join us for an insightful panel discussion with Chandan Pani, CISO - LTIMindtree and Ashish Tandon, Founder & CEO – Indusface, as we explore the multifaceted role of compliance in securing modern enterprises.

Discussion points

The Role of Compliance
The Alphabet Soup of Compliance
Compliance
SaaS and Compliance
Indusface's Approach to Compliance

More like this

RCE Vulnerability (CVE-2024-30052) Allow Attackers To Exploit Visual Studio via Dump Files

The researcher investigated the potential security risks associated with debugging dump files in Visual...

Cisco Nexus Vulnerability Let Hackers Execute Arbitrary Commands on Vulnerable Systems

A critical vulnerability has been discovered in Cisco's Nexus Dashboard Fabric Controller (NDFC), potentially...

Hackers Now Exploit Ivanti Endpoint Manager Vulnerability to Launch Cyber Attacks

The Cybersecurity and Infrastructure Security Agency (CISA) has announced the addition of a new...