Cisco tells customers to upgrade VPN routers or risk attack
Date:
Mon, 20 Jun 2022 09:21:42 +0000
Description:
Critical vulnerabilities found in old Cisco routers, which the company won't be patching
FULL STORY ======================================================================
Cisco has advised customers to trade in old Small Business RV VPN routers for newer models, as the old ones have high-severity vulnerabilities that it wont be patching.
As reported by BleepingComputer , the company recently discovered a vulnerability revolving around insufficient user input validation of incoming HPPT packets. By sending a specially crafted request to the web-based management interface of these devices, an attacker could end up with root-level privileges. Essentially, theyd be getting free access to the endpoint .
Tracked as CVE-2022-20825, the flaw has a severity score of 9.8, so its
pretty dangerous. It was found in four models: the RV110W Wireless-N VPN Firewall, the RV130 VPN Router, the RV130W Wireless-N Multifunction VPN Router, and the RV215W Wireless-N VPN Router.
Share your thoughts on Cybersecurity and get a free copy of the Hacker's Manual 2022 . Help us find how businesses are preparing for the post-Covid world and the implications of these activities on their cybersecurity plans. Enter your email at the end of this survey to get the bookazine, worth $10.99/10.99. End of life
These models, however, have reached end-of-life status and as such will not
be patched.
A small caveat is that the web-based remote management interface on WAN connections needs to be enabled for the flaw to be exploitable, and by default, its not. Still, many exposed devices can be found with a quick
Shodan search.
To double-check if your routers have this feature enabled, log into the web-based management interface, and head over to Basic Settings - Remote Management, and uncheck the box. Furthermore, this is the only way to
mitigate the threat, and users are advised to do that before moving on to newer models. Cisco was said to be actively supporting models RV132W, RV160, and RV160W. Read more
Cisco will not patch serious security hole in its old VPN routers
These critical Cisco bugs need patching immediately
Cisco routers suffer from multiple maximum severity security bugs
RV160, together with RV260, RV340, and RV345, recently received a patch for five vulnerabilities with a 10/10 severity rating. Among the possibilities
for malicious actors exploiting these flaws are arbitrary code and command execution, elevation of privileges, running unsigned software, circumventing authentication, and assimilating the devices into a botnet for Distributed Denial of Service ( DDoS ) attacks.
To shield against cyberattacks of all kinds, businesses are advised to keep hardware and software up to date, run an antivirus and firewall solution, and educate employees on the dangers of phishing and ransomware .
Via BleepingComputer
======================================================================
Link to news story:
https://www.techradar.com/news/cisco-tells-customers-to-upgrade-vpn-routers-or -risk-attack/
--- Mystic BBS v1.12 A47 (Linux/64)
* Origin: tqwNet Technology News (1337:1/100)