Cisco has fixed a critical vulnerability, CVE-2024-20418, that allowed unauthenticated remote attackers to gain root access on Ultra-Reliable Wireless Backhaul (URWB) access points used in industrial wireless automation.
The vulnerability is found in the web management interface of Cisco Unified Industrial Wireless Software for URWB Access Points.
By infosecbulletin
/ Monday , November 11 2024
On November 7, 2024, CISA released advisories about 3 critical security issues, vulnerabilities, and exploits related to Industrial Control Systems...
Read More
By infosecbulletin
/ Monday , November 11 2024
A cyberattack on an Israeli clearing company on Sunday left some people unable to use their credit cards for shopping...
Read More
By infosecbulletin
/ Monday , November 11 2024
Russia's media censor, Roskomnadzor, has blocked thousands of local websites using Cloudflare's encryption feature that enhances online privacy and security....
Read More
By infosecbulletin
/ Sunday , November 10 2024
Advertisement for selling the credentials of allegedly belonging to Indian government emails surfaced on the dark web marketplace. A hacker...
Read More
By infosecbulletin
/ Saturday , November 9 2024
Bangladesh faced a 105% rise in cyber incidents from the second to the third quarter of 2024, making it one...
Read More
By infosecbulletin
/ Friday , November 8 2024
The Socket Research Team has discovered a malicious package named "fabrice," pretending to be the legitimate fabric SSH automation library....
Read More
By infosecbulletin
/ Friday , November 8 2024
CISA has added a patched critical security flaw in Palo Alto Networks Expedition to its Known Exploited Vulnerabilities catalog due...
Read More
By infosecbulletin
/ Thursday , November 7 2024
Cisco has fixed a critical vulnerability, CVE-2024-20418, that allowed unauthenticated remote attackers to gain root access on Ultra-Reliable Wireless Backhaul...
Read More
By infosecbulletin
/ Wednesday , November 6 2024
In late October 2024, Cleafy’s Threat Intelligence team noticed a surge in a new Android malware known as TgToxic. However,...
Read More
By infosecbulletin
/ Wednesday , November 6 2024
Cyber Threat Intelligence Unit of BGD e-GOV CIRT found evidence of compromise linked to the vulnerability in F5 BIG-IP systems...
Read More
The vulnerability lets attackers run arbitrary commands as root by sending special HTTP requests to the device.
“A vulnerability in the web-based management interface of Cisco Unified Industrial Wireless Software for Cisco Ultra-Reliable Wireless Backhaul (URWB) Access Points could allow an unauthenticated, remote attacker to perform command injection attacks with root privileges on the underlying operating system.” reads the advisory published by the company.
“This vulnerability is due to improper validation of input to the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to the web-based management interface of an affected system. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system of the affected device.”
The vulnerability only affects specific models in URWB mode: Catalyst IW9165D, IW9165E, and IW9167E access points. To check if the device is affected, use the “show mpls-config” CLI command. If available, URWB mode is enabled and the device is vulnerable.
Cisco PSIRT has not detected any real-world attacks exploiting this vulnerability, and there are no available workarounds.
“ToxicPanda” banking trojan from Asia hit Europe and LATAM