Tuesday , January 21 2025

Patch Now! Cisco Confirms Critical RADIUS Protocol Vulnerability

Cisco has issued a security advisory (CVE-2024-3596) in the RADIUS protocol, which is widely used for network access authentication and authorization. This vulnerability could let an attacker bypass multi-factor authentication (MFA) and gain unauthorized network access.

The vulnerability is due to a problem in the MD5 Response Authenticator signature in the RADIUS protocol. An attacker with network access can exploit this to bypass authentication and gain unauthorized access to sensitive network resources.

Multiple Azure DevOps Vulns Allow To Inject CRLF Queries & Rebind DNS

Security researchers have found several vulnerabilities in Azure DevOps that could enable attackers to inject CRLF queries and carry out...
Read More
Multiple Azure DevOps Vulns Allow To Inject CRLF Queries & Rebind DNS

Intel holds 22 employees from one Bangladeshi University

Intel Corporation is a leading semiconductor chip manufacturer, employing at least 22 graduates from the Department of Applied Chemistry and...
Read More
Intel holds 22 employees from one Bangladeshi University

VPN Surge 1500% in USA after TikTok Shut Down

vpnMentor’s Research Team is monitoring the potential TikTok ban in the U.S., driven by national security and data privacy issues....
Read More
VPN Surge 1500% in USA after TikTok Shut Down

MITRE Launches D3FEND 1.0; The Milestone for Cybersecurity Ontology

MITRE launched D3FENDTM 1.0, a cybersecurity framework that provides a vocabulary and understanding of the cyber domain. D3FEND 1.0, funded...
Read More
MITRE Launches D3FEND 1.0; The Milestone for Cybersecurity Ontology

AWS Patches Multiple Vulns in WorkSpaces, AppStream 2.0

Amazon Web Services (AWS) has recently fixed two major security vulnerabilities in its cloud services: Amazon WorkSpaces, Amazon AppStream 2.0,...
Read More
AWS Patches Multiple Vulns in WorkSpaces, AppStream 2.0

Malware Trends Review 2024: Ever Recorded Cyber Threats

Last year saw a significant rise in cyber threats, with malware becoming more advanced and attack strategies more sophisticated. A...
Read More
Malware Trends Review 2024: Ever Recorded Cyber Threats

Botnet Exploits 13,000 MikroTik Devices Abusing Misconfigured DNS

A recent Infoblox Threat Intel report reveals a sophisticated botnet that exploits DNS misconfigurations to spread malware widely. This botnet,...
Read More
Botnet Exploits 13,000 MikroTik Devices Abusing Misconfigured DNS

CVE-2024-9042
Code Execution Vulnerability Found in Kubernetes Windows Nodes

A new security flaw traced, CVE-2024-9042, poses a serious risk to Kubernetes clusters with Windows worker nodes. It has a...
Read More
CVE-2024-9042  Code Execution Vulnerability Found in Kubernetes Windows Nodes

Hacker leaked 15k config files and VPN passwords of FortiGate firewall device

The hacking group "Belsen Group" has posted over 15,000 unique FortiGate firewall configurations online. The data dump, reportedly obtained by exploiting...
Read More
Hacker leaked 15k config files and VPN passwords of FortiGate firewall device

Registration open for 1st Agile Cyber Drill 2025

Registration open for "1st Agile Cyber Drill-2025" scheduled for February 26, 2025 online with an awards ceremony for 9 March...
Read More
Registration open for 1st Agile Cyber Drill 2025

Cisco has confirmed that a wide range of its products are affected by this vulnerability, including:

Network and Content Security Devices:

Adaptive Security Appliance (ASA) (CSCwk71992)
Firepower Device Manager (FDM) (CSCwk69454)
Firepower Management Center (FMC) Software (CSCwk71817)
Ezoic
Firepower Threat Defense (FTD) Software (CSCwk67902)
Identity Services Engine (ISE) (CSCwk67747)
Secure Email Gateway (CSCwk70832)
Secure Web Appliance (CSCwk70834)

Network Management and Provisioning:

Application Policy Infrastructure Controller (APIC) (CSCwk70836)
Crosswork Change Automation (CSCwk70850)
Nexus Dashboard (CSCwk70840)
Routing and Switching – Enterprise and Service Provider:
ASR 5000 Series Routers (CSCwk70831)
Catalyst SD-WAN Controller (CSCwk70854)

Unified Computing:

UCS Central Software (CSCwk71967)
UCS Manager (CSCwk70842)

Cisco has confirmed that the following products are not affected by this vulnerability:

Nexus Dashboard Insights
Secure Workload
Firepower 4100/9300 FXOS Firepower Chassis Manager
Secure Malware Analytics Appliance
Umbrella Active Directory (AD) Connector
Cisco Evolved Programmable Network Manager (EPNM)
DNA Spaces Connector
Policy Suite
Ultra Cloud Core – Policy Control Function
UCS B-Series Blade Servers
Various Aironet and Catalyst series access points and wireless LAN controllers

The Cisco Product Security Incident Response Team (PSIRT) is aware of proof-of-concept exploit code available for this vulnerability but has not detected any malicious exploitation in the wild.

Cisco advises customers to promptly apply the available patches for their affected products. There are no workarounds for this vulnerability.

Check Also

Kubernetes

CVE-2024-9042
Code Execution Vulnerability Found in Kubernetes Windows Nodes

A new security flaw traced, CVE-2024-9042, poses a serious risk to Kubernetes clusters with Windows …

Leave a Reply

Your email address will not be published. Required fields are marked *