A critical vulnerability has been discovered in Cisco Unified Industrial Wireless Software, which affects Cisco Ultra-Reliable Wireless Backhaul (URWB) Access Points.
This flaw tracked as CVE-2024-20418 enables unauthenticated, remote attackers to perform command injection attacks and execute arbitrary commands as the root user on the underlying operating system of the affected devices.
The vulnerability arises due to improper input validation within the web-based management interface of the affected systems.
Exploiting this flaw is relatively straightforward: attackers only need to send specially crafted HTTP requests to the web interface to gain root-level access.
Build an in-house SOC or outsource SOC-as-a-Service -> Calculate Costs
Given its high severity, the flaw has been assigned the maximum CVSS score of 10.0, indicating the critical nature of the vulnerability. The vulnerability affects multiple products, including:
These devices are vulnerable if running a susceptible software version with the URWB operating mode enabled.
Cisco has released software patches to mitigate the issue, and users are encouraged to update to the latest software versions immediately. Unfortunately, Cisco has confirmed that no workarounds are available for this vulnerability.
Cisco users can determine if their device is vulnerable by using the “show mpls-config” CLI command.
If this command is available, it indicates that the URWB operating mode is enabled, and the device is likely affected. If the command is unavailable, the URWB mode is disabled, and the device is not at risk.
This flaw has the potential to compromise a full system. Therefore, organizations using the affected Cisco products are urged to prioritize patching their systems to avoid being targeted by attackers.
Run private, Real-time Malware Analysis in both Windows & Linux VMs. Get a 14-day free trial with ANY.RUN!
A significant vulnerability (CVE-2024-20445) has been discovered in Cisco Desk Phone 9800 Series, IP Phone…
The United States Department of Justice has unsealed an indictment against Anonymous Sudan, a hacking…
Ransomware-as-a-Service (RaaS) platforms have revolutionized the ransomware market. Unlike traditional standalone ransomware sales, RaaS offers…
North Korean threat actors behind the Contagious Interview and WageMole campaigns have refined their tactics,…
Weaponized Linux virtual machines are used for offensive cybersecurity purposes, such as "penetration testing" or…
The HookBot malware family employs overlay attacks to trick users into revealing sensitive information by…