Cisco eliminated a critical vulnerability with the maximum hazard level (10 out of 10 CVSS), which allowed attackers to execute Root privileges at vulnerable access points Ultra-Relia Wireless Backhaul (URWB) used for industrial automation networks.
Vulnerability that received the identifier cve-2024-20418, was detected in the management web interface Cisco Unified Industrial Wireless Software software. Unauthorized attackers could exploit it by the Command Injection, requiring minimal preparation and not in need of the user’s interaction.
Cisco explains that the problem is caused by an incorrect verification of input data in the web interface. For the attack, it was enough to send specially formed HTTP checks to a vulnerable system, which allowed the attacker to execute arbitrary commands with ROOT privileges on the device operating system.
Vulnerability affects the Cisco Catalyst IW9165D HEAVY DUTY Access Points, Catalyst IW9165E Rugged Access Points and Wireless Clients, and Catalyst IW9167E HeAVY DUTH DUTY But only with the URWB mode on and the vulnerable version according to.
Experts from the Cisco Psirt team report that there is no evidence of the existence of exploits for this vulnerability in the public domain and its use in real attacks.
Administrators can determine whether the URWB mode is activated using the Show MPLS-Config command in the CLI interface. If the team is not available, then the URWB mode is disabled, and the vulnerability does not threaten the device.
Previously, Cisco eliminated the vulnerability of the type of refusal to serve in the Cisco Adaptive Security Appliance (ASA) and FirePower Threat Defense (FTD)
In June, the company also released security updates that corrects another vulnerability of the command injection, which allowed attackers to increase the privileges to the level of Root.
In July, speaking at the RSA conference, Jenterley, the head of the US Cybersecurity and Infrastructure Security Agency (CISA) called on developers to carefully check the code for possible vulnerability at the development stage. Reliable code, in her opinion, is the only way to eradicate cyber attacks.