Cisco patches: US-CERT warns attackers could take control of affected devices

Cisco has released a second round of October patches, this time addressing 15 separate flaws in its networking software. 

The updates bring fixes for seven high severity flaws and eight medium severity security issues. 

Three of the high severity issues affect its wireless LAN controller (WLC) software, including a privilege escalation vulnerability and a flaw that a remote, unauthenticated attacker could use to extract memory contents from a vulnerable device and steal secrets.

The third bug affecting WLC could allow an attacker to force the WLC software to disconnect associated access points, causing a denial of service.

Fortunately, Cisco found all the bugs during internal testing and isn’t aware of any exploits in the wild for them. 

However, US-CERT has issued an alert about the patches, noting that “an attacker could exploit one of these vulnerabilities to take control of an affected system.”

There are also patches for high severity issues affecting the Cisco NX-OS software, which runs on the company's Nexus-brand business switches. 

Cisco’s Nexus 3000 Series Switches, Nexus 3600 Platform Switches, Nexus 9000 Series Switches in standalone NX-OS mode, and Nexus 9500 R-Series Line Cards and Fabric Modules are vulnerable if they are running any of the vulnerable releases detailed in its advisory.

Cisco NX-OS Software for Nexus 5500, 5600, and 6000 Series Switches is also vulnerable to a remote denial of service attack if it is running a vulnerable release.

“The vulnerability is due to a lack of protection against PTP frame flood attacks. An attacker could exploit this vulnerability by sending large streams of malicious IPv4 or IPv6 PTP traffic to the affected device. A successful exploit could allow the attacker to cause a DoS condition, impacting the traffic passing through the device,” Cisco notes.

Several Firepower appliances and Nexus switches are among the devices affected by another denial of service vulnerability in Cisco’s implementation of the Link Layer Discovery Protocol (LLDP) in its FXOS and NX-OS Software. 

“An attacker could exploit this vulnerability by sending a crafted LLDP packet to an interface on the targeted device. A successful exploit could allow the attacker to cause the switch to reload unexpectedly,” Cisco reports.

Admins will need to review each of Cisco’s advisories to check whether their organization is running devices on vulnerable or fixed software releases, since some of the fixed releases have been available for many weeks prior to today’s disclosure.
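The release check described above is easy to get wrong by eye because NX-OS release strings such as 7.0(3)I7(6) mix numeric fields and letter-coded trains, and each advisory lists a separate “first fixed release” per train. The following script is an added example, not code from the article or from Cisco: it parses release strings into comparable tuples and grades each device in an inventory as fixed, vulnerable, on a train with no fix, or on a train the advisory does not list. Every release string and hostname below is a constructed placeholder; the real first-fixed table has to be transcribed from the relevant Cisco advisory before the result means anything.

```python
import re

# Constructed placeholder table, NOT Cisco's data: maps an NX-OS release train
# to the first fixed release in that train. None means the train has no fixed
# release and the device must migrate. Replace with the advisory's own table.
CONSTRUCTED_FIRST_FIXED = {
    "7.0(3)I7": "7.0(3)I7(6)",
    "7.3(3)N1": "7.3(3)N1(1)",
    "9.2": "9.2(3)",
    "7.0(3)I4": None,
}

_TOKEN = re.compile(r"\d+|[A-Za-z]+")
_TRAIN = re.compile(r"^(.*)\(\d+[A-Za-z]*\)$")


def parse_release(release):
    """Turn '7.0(3)I7(6)' into a tuple that sorts field by field.

    Digits compare numerically (so 10 > 9), letters compare as uppercase text.
    The (kind, value) pairs keep ints and strs from being compared directly.
    """
    return tuple((0, int(t)) if t.isdigit() else (1, t.upper())
                 for t in _TOKEN.findall(release))


def train_of(release):
    """Strip the last maintenance field: '7.0(3)I7(6)' -> '7.0(3)I7', '9.2(3)' -> '9.2'."""
    m = _TRAIN.match(release)
    if not m:
        raise ValueError(f"unrecognised release format: {release!r}")
    return m.group(1)


def assess(release, first_fixed=CONSTRUCTED_FIRST_FIXED):
    """Return 'fixed', 'vulnerable', 'migrate' or 'unlisted' for one running release."""
    train = train_of(release)
    if train not in first_fixed:
        return "unlisted"   # train absent from the table: check the advisory by hand
    fix = first_fixed[train]
    if fix is None:
        return "migrate"    # train never received a fix; move to a fixed train
    return "fixed" if parse_release(release) >= parse_release(fix) else "vulnerable"


def assess_inventory(inventory, first_fixed=CONSTRUCTED_FIRST_FIXED):
    """Grade (hostname, release) pairs, e.g. collected from 'show version' output."""
    return {host: assess(rel, first_fixed) for host, rel in inventory}


# Constructed sample inventory; hostnames and releases are placeholders.
CONSTRUCTED_INVENTORY = [
    ("n9k-core-1", "7.0(3)I7(5)"),
    ("n9k-core-2", "7.0(3)I7(6)"),
    ("n5k-edge-1", "7.3(3)N1(1)"),
    ("n9k-lab-1", "9.2(2)"),
    ("n9k-old-1", "7.0(3)I4(8)"),
    ("n3k-test-1", "9.3(1)"),
]

if __name__ == "__main__":
    for host, status in assess_inventory(CONSTRUCTED_INVENTORY).items():
        print(f"{host:12} {status}")
```

The per-train lookup matters: a device on 7.0(3)I4 is not made safe by the existence of a fix in the I7 train, which is why the table carries an explicit "migrate" outcome rather than comparing across trains, and an "unlisted" outcome forces a manual look at the advisory instead of silently assuming the platform is unaffected.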


The last high severity issue disclosed today is a denial of service flaw that affects the 802.11r Fast Transition feature set in Cisco’s Access Points (AP) Software.

“An attacker could exploit this vulnerability by sending malicious reassociation events multiple times to the same AP in a short period of time, causing a DoS condition on the affected AP,” Cisco says.

Details about the eight medium severity issues disclosed on October 17 can be found on Cisco’s security advisories and alerts page. 

Stories by Liam Tung