Threat Watch

Cisco Addresses 32 Vulnerabilities

Earlier this week, Cisco publicly announced 30 patches for 32 vulnerabilities that were found in a multitude of their products. Three of the vulnerabilities received a critical rating and out of the remainder, 14 received a high rating and the other 15 were rated medium. The most talked about critical finding is the Apache Strut Remote Code Execution (CVE-2018-11776) which stems from a lack of validation that users provide. This allows for inputs to be placed in the framework of the Struts when configured in specific ways.  Cisco Umbrella API Unauthorized Access Vulnerability (CVE-2018-0435) was the next critical vulnerability to be patched. If successfully exploited, this would give a remote attacker the ability to make changes across many organizations since the Umbrella acts as the first line of defense on certain cloud services. Lastly, the Cisco Routers Management Interface Buffer Overflow Vulnerability (CVE-2018-0423) halted the ability for attackers to execute arbitrary code and forms of denial of service in Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router products. Although the Apache Struts is the only vulnerability being exploited in the wild at this time, it is advised to be conscious of the other risks.

ANALYST NOTES