Cisco warns to patch small business 220 series switches after exploit code published

Original advisory warned admins to patch in early August


Cisco has warned customers using its Small Business 220 series smart switches to apply updates to address two serious security flaws after exploit code was released.

Both flaws affect the web interface admins use to manage the switches and were flagged by Cisco on August 6. 

The company has updated its advisories to warn customers using its Small Business 220 series smart switches that exploit code has now been published. 

One of them, identified as CVE-2019-1912, allows an attacker to bypass authentication without a valid password because Cisco’s software did not check authorization properly; it can be exploited by sending malicious requests to parts of the interface.

“A successful exploit could allow the attacker to modify the configuration of an affected device or to inject a reverse shell,” Cisco warned. 

A reverse shell allows an attacker to communicate with the affected machine and bypass firewall protections.

Exploit code is also available for the more serious vulnerabilities tracked under CVE-2019-1913, also in the web management interface of Cisco’s Small Business 220 series smart switches. This set of bugs allows a remote attacker to execute code with root privileges on the device’s operating system.

The vulnerabilities are buffer overflows and can be exploited by an attacker sending malicious requests to the web interface of the device.

Both issues affect Cisco Small Business 220 series smart switches running firmware versions prior to 1.1.4.4.    
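As an added example (not from the advisory or the article), a short inventory check a network team could run to find 220 series switches still below the 1.1.4.4 fix release. The model prefixes SG220/SF220, the hostnames and the firmware strings are assumed or constructed; the point is that versions must be compared numerically, since a plain string comparison ranks "1.1.4.10" below "1.1.4.4".

```python
"""Triage a switch inventory against Cisco's fix version for CVE-2019-1912 and
CVE-2019-1913 (Small Business 220 series, fixed in firmware 1.1.4.4).
Added example; the inventory records below are constructed, not real devices."""
from typing import List, Tuple

FIXED_VERSION = "1.1.4.4"  # first fixed release named in Cisco's advisories

def parse_version(ver: str) -> Tuple[int, ...]:
    """Turn '1.1.4.4' into (1, 1, 4, 4) so releases compare numerically.
    A string comparison would wrongly rank '1.1.4.10' below '1.1.4.4'."""
    parts = ver.strip().split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised firmware version: {ver!r}")
    return tuple(int(p) for p in parts)

def is_affected(firmware: str, fixed: str = FIXED_VERSION) -> bool:
    """True when the running firmware is older than the fixed release."""
    return parse_version(firmware) < parse_version(fixed)

def triage(inventory: List[dict]) -> List[str]:
    """Return hostnames of 220 series switches that still need the update.
    Devices whose version cannot be parsed are listed too: unknown is unverified."""
    needs_patch = []
    for dev in inventory:
        # Model prefixes are an assumption about how the inventory names them.
        if not dev["model"].upper().startswith(("SG220", "SF220")):
            continue  # other product lines are outside this advisory
        try:
            affected = is_affected(dev["firmware"])
        except ValueError:
            affected = True
        if affected:
            needs_patch.append(dev["hostname"])
    return needs_patch

# Constructed sample inventory (hostnames, models and versions are made up).
SAMPLE_INVENTORY = [
    {"hostname": "sw-floor1", "model": "SG220-26", "firmware": "1.1.3.1"},
    {"hostname": "sw-floor2", "model": "SG220-50P", "firmware": "1.1.4.4"},
    {"hostname": "sw-lab", "model": "SF220-24", "firmware": "1.1.4.10"},
    {"hostname": "sw-core", "model": "C9300-48P", "firmware": "16.9.4"},
    {"hostname": "sw-unknown", "model": "SG220-26P", "firmware": "n/a"},
]

if __name__ == "__main__":
    for host in triage(SAMPLE_INVENTORY):
        print(f"{host}: update to {FIXED_VERSION} or later")
```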

While there is publicly available exploit code for both issues, Cisco notes that it has not seen the flaws being used in attacks in the wild. The flaws were reported by security researcher “bashis” through the VDOO disclosure program.

Cisco has also warned customers to patch four more newly disclosed critical flaws that affect its enterprise and data center products.

These include CVE-2019-1937, a flaw in the web-based management interface of Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data. CVE-2019-1974 and CVE-2019-1935 affect the same products.
