Cisco issues patch to fix serious flaw allowing possible industrial systems takeover

Multiple products were plagued by a 10/10 security vulnerability

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Cisco has patched a critical vulnerability in some of its software which could have allowed threat actors to runmalicious coderemotely.

In a security advisory, Cisco said it discovered a flaw in the web-based management interface of Cisco Unified Industrial Wireless Software for Cisco Ultra-Reliable Wireless Backhaul (URWB) Access Points.

These access points are designed for industries that require highly dependable and robust wireless connections in challenging environments. They are particularly popular among industries where maintaining consistent connectivity is critical for operations, such as transportation and logistics, public safety and emergency services, utilities and energy, or mining and construction.

Cisco says update now

The bug that was discovered is tracked as CVE-2024-20418, and has a top severity score - 10/10.

“An attacker could exploit this vulnerability by sending crafted HTTP requests to the web-based management interface of an affected system,” Cisco said in the advisory. “A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlyingoperating systemof the affected device.”

Cisco products vulnerable to this flaw are Catalyst IW9165D Heavy Duty Access Points, Catalyst IW9165E Rugged Access Points and Wireless Clients, and Catalyst IW9167E Heavy Duty Access Points. Products that are not working in URWB mode are not affected by vulnerability, Cisco said.

To defend against potential compromises, users are advised to upgrade their Cisco Unified Industrial Wireless Software to version 17.15.1. All those using versions 17.14 and earlier are advised not to stall with the patching.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Cisco did not mention finding any evidence (or lack thereof) of abuse in the wild. It said it discovered the flaw during internal security testing, so it could be that miscreants haven’t yet picked up on it. However, now that the cat is out of the bag, it’s only a matter of time before they start hunting for vulnerable endpoints.

ViaTheHackerNews

You might also like

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

This new phishing strategy utilizes GitHub comments to distribute malware

Should your VPN always be on?

Red One isn’t perfect but it proves we need more action-packed Christmas movies