Headline
Critical Flaws in Cisco Small Business Switches Could Allow Remote Attacks
Cisco has released updates to address a set of nine security flaws in its Small Business Series Switches that could be exploited by an unauthenticated, remote attacker to run arbitrary code or cause a denial-of-service (DoS) condition. “These vulnerabilities are due to improper validation of requests that are sent to the web interface,” Cisco said, crediting an unnamed external researcher for
Network Security / Vulnerability
Cisco has released updates to address a set of nine security flaws in its Small Business Series Switches that could be exploited by an unauthenticated, remote attacker to run arbitrary code or cause a denial-of-service (DoS) condition.
“These vulnerabilities are due to improper validation of requests that are sent to the web interface,” Cisco said, crediting an unnamed external researcher for reporting the issues.
Four of the nine vulnerabilities are rated 9.8 out of 10 on the CVSS scoring system, making them critical in nature. The nine flaws affect the following product lines -
- 250 Series Smart Switches (Fixed in firmware version 2.5.9.16)
- 350 Series Managed Switches (Fixed in firmware version 2.5.9.16)
- 350X Series Stackable Managed Switches (Fixed in firmware version 2.5.9.16)
- 550X Series Stackable Managed Switches (Fixed in firmware version 2.5.9.16)
- Business 250 Series Smart Switches (Fixed in firmware version 3.3.0.16)
- Business 350 Series Managed Switches (Fixed in firmware version 3.3.0.16)
- Small Business 200 Series Smart Switches (Will not be patched)
- Small Business 300 Series Managed Switches (Will not be patched)
- Small Business 500 Series Stackable Managed Switches (Will not be patched)
A brief description of each of the flaws is as follows -
- CVE-2023-20159 (CVSS score: 9.8): Cisco Small Business Series Switches Stack Buffer Overflow Vulnerability
- CVE-2023-20160 (CVSS score: 9.8): Cisco Small Business Series Switches Unauthenticated BSS Buffer Overflow Vulnerability
- CVE-2023-20161 (CVSS score: 9.8): Cisco Small Business Series Switches Unauthenticated Stack Buffer Overflow Vulnerability
- CVE-2023-20189 (CVSS score: 9.8): Cisco Small Business Series Switches Unauthenticated Stack Buffer Overflow Vulnerability
- CVE-2023-20024 (CVSS score: 8.6): Cisco Small Business Series Switches Unauthenticated Heap Buffer Overflow Vulnerability
- CVE-2023-20156 (CVSS score: 8.6): Cisco Small Business Series Switches Unauthenticated Heap Buffer Overflow Vulnerability
- CVE-2023-20157 (CVSS score: 8.6): Cisco Small Business Series Switches Unauthenticated Heap Buffer Overflow Vulnerability
- CVE-2023-20158 (CVSS score: 8.6): Cisco Small Business Series Switches Unauthenticated Denial-of-Service Vulnerability
- CVE-2023-20162 (CVSS score: 7.5): Cisco Small Business Series Switches Unauthenticated Configuration Reading Vulnerability
Successful exploitation of the aforementioned bugs could permit an unauthenticated, remote attacker to execute arbitrary code with root privileges on an affected device by sending a specially crafted request through the web-based user interface.
Alternatively, they could also be abused to trigger a DoS condition or read unauthorized information on vulnerable systems by means of a malicious request.
UPCOMING WEBINAR
Learn to Stop Ransomware with Real-Time Protection
Join our webinar and learn how to stop ransomware attacks in their tracks with real-time MFA and service account protection.
Save My Seat!
Cisco said it does not plan to release firmware updates for Small Business 200 Series Smart Switches, Small Business 300 Series Managed Switches, Small Business 500 Series Stackable Managed Switches as they have entered the end-of-life process.
The networking equipment major also said it’s aware of the availability of a proof-of-concept (PoC) exploit code, but noted that it did not observe any evidence of malicious exploitation in the wild.
With Cisco devices becoming a lucrative attack vector for threat actors, users are recommended to move quickly to apply the patches to mitigate potential threats.
Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.
Related news
Categories: Business Tags: Cisco Tags: small business series Tags: web interface Tags: CVE Tags: exploit Tags: root If you're using one of the affected products from the Cisco small business range, you need to patch immediately. (Read more...) The post Update now: 9 vulnerabilities impact Cisco Small Business Series appeared first on Malwarebytes Labs.
Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due to improper validation of requests that are sent to the web interface. For more information about these vulnerabilities, see the Details section of this advisory.
Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due to improper validation of requests that are sent to the web interface. For more information about these vulnerabilities, see the Details section of this advisory.
Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due to improper validation of requests that are sent to the web interface. For more information about these vulnerabilities, see the Details section of this advisory.
Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due to improper validation of requests that are sent to the web interface. For more information about these vulnerabilities, see the Details section of this advisory.
Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due to improper validation of requests that are sent to the web interface. For more information about these vulnerabilities, see the Details section of this advisory.
Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due to improper validation of requests that are sent to the web interface. For more information about these vulnerabilities, see the Details section of this advisory.
Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due to improper validation of requests that are sent to the web interface. For more information about these vulnerabilities, see the Details section of this advisory.
Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due to improper validation of requests that are sent to the web interface. For more information about these vulnerabilities, see the Details section of this advisory.
Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due to improper validation of requests that are sent to the web interface. For more information about these vulnerabilities, see the Details section of this advisory.