Cisco Warns of Many Old Vulnerabilities Being Exploited in Attacks


Cisco has updated multiple security advisories to warn of the malicious exploitation of severe vulnerabilities impacting its networking devices.

Cisco has updated multiple security advisories to warn of the malicious exploitation of severe vulnerabilities impacting its networking devices.

Many of the bugs, which carry severity ratings of ‘critical’ or ‘high’, have been addressed 4-5 years ago, but organizations that haven’t patched their devices continue to be impacted.

Last week, the tech giant added exploitation warnings to more than 20 advisories detailing security defects in Cisco IOS, NX-OS, and HyperFlex software.

“In March 2022, the Cisco Product Security Incident Response Team (PSIRT) became aware of additional attempted exploitation of this vulnerability in the wild. Cisco continues to strongly recommend that customers upgrade to a fixed software release to remediate this vulnerability,” the warning reads.

Five of the updated advisories resolve critical-severity vulnerabilities that could allow remote attackers to execute arbitrary code (RCE), cause a denial-of-service (DoS) condition, or execute arbitrary commands.

Carrying a CVSS score of 9.8, the exploited vulnerabilities are tracked as CVE-2017-12240, CVE-2018-0171, CVE-2018-0125, CVE-2021-1497, and CVE-2018-0147, and impact Cisco IOS and IOS XE, the RV132W and RV134W routers, HyperFlex HX, and Secure Access Control System (ACS).

Cisco also updated 15 advisories that deal with high-severity flaws in Cisco IOS and IOS XE, and one that addresses a high-severity arbitrary command execution issue in Small Business RV series routers. Several advisories detailing medium-severity bugs were also updated.

The US Cybersecurity and Infrastructure Security Agency (CISA) added these vulnerabilities to its Known Exploited Vulnerabilities Catalog months ago, but there does not appear to be any information regarding the attacks exploiting many of these flaws.

Organizations are advised to review the advisories on Cisco’s security page and apply necessary patches as soon as possible.


By Ionut Arghire on Mon, 19 Dec 2022 12:53:16 +0000
Original link