Cisco Small Business switches have critical vulnerabilities

Four vulnerabilities have been found in Cisco Small Business series switches that allow a remote, unauthenticated attacker to gain full access to the device with root privileges. To exploit them, the attacker must be able to send requests to the network port that serves the web interface. The issues are rated critical (9.8 out of 10). A working proof-of-concept exploit is reported to exist.

The identified vulnerabilities (CVE-2023-20159, CVE-2023-20160, CVE-2023-20161, CVE-2023-20189) are caused by memory-handling errors in various handlers that are reachable before authentication. They lead to buffer overflows when specially crafted external data is processed. In addition, four less dangerous vulnerabilities were identified in the Cisco Small Business series (CVE-2023-20024, CVE-2023-20156, CVE-2023-20157, CVE-2023-20158) that allow a denial of service to be triggered remotely, along with one vulnerability (CVE-2023-20162) that allows information about the device configuration to be obtained without authentication.

The vulnerabilities affect the Smart Switch 250, 350, 350X, 550X, Business 250 and Business 350 series, as well as the Small Business 200, 300 and 500 series. The 220 and Business 220 series are not affected. The issues are fixed in firmware updates 2.5.9.16 and 3.3.0.16. No firmware updates will be released for the Small Business 200, 300 and 500 series, since these models have already reached the end of their life cycle.
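
An inventory triage against the series and fixed releases listed above, as an added example that is not from the article or from Cisco. The series labels and the inventory are constructed for illustration, and matching each fixed release to the firmware train with the same major version number is an assumption.

```python
import re

# Series labels are shorthand chosen for this example; the groups come from the article.
PATCHABLE = {"250", "350", "350X", "550X", "Business 250", "Business 350"}
END_OF_LIFE = {"Small Business 200", "Small Business 300", "Small Business 500"}
NOT_AFFECTED = {"220", "Business 220"}

# Fixed releases named in the article. Assumption: each fix applies to the
# firmware train that shares its major version number.
FIXED = {2: (2, 5, 9, 16), 3: (3, 3, 0, 16)}

def parse_version(text):
    """Return a firmware version such as '2.5.9.15' as a 4-tuple of ints, or None."""
    text = text.strip()
    if not re.fullmatch(r"\d+(\.\d+){1,3}", text):
        return None
    parts = tuple(int(p) for p in text.split("."))
    return parts + (0,) * (4 - len(parts))

def triage(series, firmware):
    """Classify one device: not-affected, no-fix, fixed, vulnerable or review."""
    if series in NOT_AFFECTED:
        return "not-affected"
    if series in END_OF_LIFE:
        return "no-fix"      # no update will be released: restrict access or replace
    if series not in PATCHABLE:
        return "review"      # series not named in the article
    version = parse_version(firmware)
    if version is None or version[0] not in FIXED:
        return "review"      # unparseable version or unknown firmware train
    return "fixed" if version >= FIXED[version[0]] else "vulnerable"

# Constructed inventory (hostname, series, firmware); not real devices.
INVENTORY = [
    ("sw-floor1", "350X", "2.5.9.15"),
    ("sw-floor2", "Business 350", "3.3.0.16"),
    ("sw-lab", "Small Business 300", "1.4.11.5"),
    ("sw-branch", "Business 220", "1.0.1.2"),
    ("sw-core", "550X", "2.5.10"),
]

def report(inventory=INVENTORY):
    """Return {hostname: status} for every device in the inventory."""
    return {host: triage(series, fw) for host, series, fw in inventory}

if __name__ == "__main__":
    for host, status in report().items():
        print(f"{host}: {status}")
```

Devices reported as `no-fix` or `vulnerable` are the ones whose web interface port should not be reachable from untrusted networks, since that port is the precondition for exploitation described above.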
