Friday, December 8, 2023

Unpatched Critical Flaw in Cisco Small Business Switches Allows Attackers to Bypass User Authentication

A critical vulnerability with Cisco Small Business Switches that allows an remote attacker to log to an affected device and to execute commands with admin privileages.

The vulnerability can be tracked as CVE-2018-15439, and exists with Cisco Small Business Switch SOHO that used to manage the small local area networks.

Following are the products affected by the vulnerability

  • Cisco Small Business 200 Series Smart Switches
  • CSB 300 Series Managed Switches
  • CSB 500 Series Stackable Managed Switches
  • Cisco 250 Series Smart Switches
  • Cisco 350 Series Managed Switches
  • Cisco 350X Series Stackable Managed Switches
  • Cisco 550X Series Stackable Managed Switches

Cisco Small Business Switches which runs with the which runs with default configuration on the devices listed as vulnerable includes a default, privileged user account that is used for the initial login and cannot be removed from the system are vulnerable, reads Cisco advisory.

“If all user-configured privilege level 15 accounts are removed from the device configuration, an affected software release re-enables the default privileged user account without notifying administrators of the system.”

Workarounds

Cisco recommends administrators to add atleast one user account with level 15 privilege in the device configuration, so that default privileged account will be disabled.

Cisco not yet released any software updates to address this vulnerability.

Related Read

Cisco Releases Security Updates that Covers 16 Vulnerabilities that had Critical and High Impact

Cisco Released Security Updates for Multiple Vulnerabilities that Affected Cisco Products

Website

Latest articles

Exploitation Methods Used by PlugX Malware Revealed by Splunk Research

PlugX malware is sophisticated in evasion, as it uses the following techniques to avoid...

TA422 Hackers Attack Organizations Using Outlook & WinRAR Vulnerabilities

Hackers exploit Outlook and WinRAR vulnerabilities because these widely used software programs are lucrative...

Bluetooth keystroke-injection Flaw: A Threat to Apple, Linux & Android Devices

An unauthenticated Bluetooth keystroke-injection vulnerability that affects Android, macOS, and iOS devices has been...

Atlassian Patches RCE Flaw that Affected Multiple Products

Atlassian has been discovered with four new vulnerabilities associated with Remote Code Execution in...

Reflectiz Introduces AI-powered Insights on Top of Its Smart Alerting System

Reflectiz, a cybersecurity company specializing in continuous web threat management, proudly introduces a new...

SLAM Attack Gets Root Password Hash in 30 Seconds

Spectre is a class of speculative execution vulnerabilities in microprocessors that can allow threat...

Akira Ransomware Exploiting Zero-day Flaws For Organization Network Access

The Akira ransomware group, which first appeared in March 2023, has been identified as...

Endpoint Strategies for 2024 and beyond

Converge and Defend

What's the pulse of Unified Endpoint Management and Security (UEMS) in Europe? Join us live to uncover the strategies that are defining endpoint security in the region.

Related Articles