Cisco has recently released numerous patches for vulnerabilities, and of these, three stand out. All scoring critical on the Common Vulnerability Scoring System (CVSS), the vulnerabilities in question affect software in the IOS XE train of Cisco’s Internetworking Operating System (not to be confused with Apple’s iOS mobile operating system). In short, IOS is a multitasking operating system used by Cisco that replaced the previously used CatOS.
All three vulnerabilities involve different, remotely exploitable attack vectors, which makes applying the released patches as soon as possible crucial.
The first vulnerability affects Cisco IOS XE’s SD-WAN software. Rated a base 9.8 on the CVSS, CVE-2021-34727 is a buffer overflow vulnerability. Cisco states that it is caused by “insufficient bounds checking when an affected device processes traffic” and that “an attacker could exploit this vulnerability by sending crafted traffic to the device.” Successful exploitation can yield root privileges, which can then be used for arbitrary code execution or denial-of-service (DoS) attacks.
The second patched IOS XE vulnerability is specific to Cisco Catalyst 9000 Family Wireless Controllers. Rated a base 10.0 on the CVSS, CVE-2021-34770 is a remote code execution bug caused by flaws in the handling of the Control and Provisioning of Wireless Access Points (CAPWAP) protocol. In the advisory, Cisco says that “the vulnerability is due to a logic error that occurs during the validation of CAPWAP packets” and that it could be exploited by “sending a crafted CAPWAP packet to an affected device.” As with the first vulnerability, an attacker can execute code or cause a denial-of-service condition with this exploit.
The final IOS XE critical vulnerability is CVE-2021-1619, which affects NETCONF and RESTCONF authentication. Cisco says that an attacker can bypass this authentication due to “an uninitialized variable.” Once authentication is bypassed, an attacker can use “NETCONF or RESTCONF to install, manipulate, or delete the configuration of a network device or to corrupt memory on the device, resulting in a DoS.” The CVSS score is a base 9.8.
If your organization uses Cisco’s IOS XE, implement these patches immediately.
Featured image: Wikimedia Commons