Cisco Wireless Access Point Software Device Analytics Action Frame Injection Vulnerability

🚨 SEVERITY: MEDIUM — CVSS 4.3 Security Advisory

TL;DR 📌

A medium-severity vulnerability has been identified in Cisco Wireless Access Point Software related to Device Analytics action frame processing. An unauthenticated adjacent attacker could exploit this vulnerability to inject arbitrary information into wireless 802.11 action frames. Cisco has released fixed software, but no workarounds are available.

What happened 🕵️‍♂️

A vulnerability in the Device Analytics action frame processing of Cisco Wireless Access Point Software allows an unauthenticated, adjacent attacker to inject wireless 802.11 action frames with arbitrary information. This issue arises from insufficient verification checks of incoming 802.11 action frames. Successful exploitation could modify the Device Analytics data of valid wireless clients connected to the same wireless controller.

[]

Cisco Access Point Software Intermittent IPv6 Gateway Change Vulnerability

🚨 SEVERITY: MEDIUM — CVSS 4.3 Security Advisory

TL;DR 📌

A medium-severity vulnerability has been identified in Cisco Access Point Software that could allow an unauthenticated, adjacent attacker to modify the IPv6 gateway on affected devices. There are no workarounds available, and users are advised to upgrade to fixed software releases.

What happened 🕵️‍♂️

A vulnerability in the IPv6 Router Advertisement (RA) packet processing of Cisco Access Point Software could allow an unauthenticated, adjacent attacker to change the IPv6 gateway on affected devices. This vulnerability arises from a logic error in processing IPv6 RA packets received from wireless clients. An attacker could exploit this by associating with a wireless network and sending crafted IPv6 RA packets, potentially leading to intermittent packet loss for associated wireless clients.

[]

Cisco IOS XE Software for Catalyst 9000 Series Switches Denial of Service Vulnerability

🚨 SEVERITY: HIGH — CVSS 7.4 Security Advisory

TL;DR 📌

A denial of service vulnerability has been identified in Cisco IOS XE Software for Catalyst 9000 Series Switches. An unauthenticated, adjacent attacker can exploit this vulnerability by sending crafted Ethernet frames, causing an egress port to drop all outbound traffic. The highest CVSS score is 7.4 (High). Cisco has released fixed software, but no workarounds are available.

What happened 🕵️‍♂️

A vulnerability exists in the handling of certain Ethernet frames within Cisco IOS XE Software for Catalyst 9000 Series Switches. This flaw allows an unauthenticated, adjacent attacker to send crafted Ethernet frames, which can block an egress port, resulting in a denial of service (DoS) condition. Once exploited, the affected port will drop all outbound traffic, severely impacting network operations.

[]

Cisco IOS XE Software on Cisco Catalyst 9500X and 9600X Series Switches Virtual Interface Access Control List Bypass Vulnerability

🚨 SEVERITY: MEDIUM — CVSS 5.3 Security Advisory

TL;DR 📌

A Medium severity vulnerability has been identified in Cisco IOS XE Software affecting Catalyst 9500X and 9600X Series Switches. An unauthenticated remote attacker could exploit this vulnerability to bypass configured access control lists (ACLs) on affected devices. Cisco has released software updates to address this issue, and there are workarounds available.

What happened 🕵️‍♂️

A vulnerability in the access control list (ACL) programming of Cisco IOS XE Software allows an unauthenticated, remote attacker to bypass a configured ACL on affected devices. This occurs when an attacker floods traffic from an unlearned MAC address on a switch virtual interface (SVI) with an egress ACL applied. If the MAC address table is full or flushed, the attacker could successfully bypass the egress ACL.

[]

Cisco SD-WAN vEdge Software Access Control List Bypass Vulnerability

🚨 SEVERITY: MEDIUM — CVSS 5.8 Security Advisory

TL;DR 📌

A vulnerability in Cisco SD-WAN vEdge Software could allow unauthenticated remote attackers to bypass access control lists (ACLs) on affected devices. This vulnerability has a medium severity rating (CVSS 5.8). Cisco has released fixed software and workarounds are available.

What happened 🕵️‍♂️

A vulnerability has been identified in the access control list (ACL) processing of IPv4 packets within Cisco SD-WAN vEdge Software. This flaw allows an unauthenticated remote attacker to bypass configured ACLs due to improper enforcement of the implicit deny rule at the end of an ACL. By exploiting this vulnerability, attackers can send unauthorized traffic to an affected device’s interface, potentially compromising network security.

[]

Cisco IOS and IOS XE Software CLI Denial of Service Vulnerability

🚨 SEVERITY: MEDIUM — CVSS 6.5 Security Advisory

TL;DR 📌

A medium-severity vulnerability has been identified in the CLI of Cisco IOS and IOS XE Software, allowing an authenticated local attacker to cause a denial of service (DoS) by exploiting a buffer overflow. No workarounds are available, and Cisco recommends upgrading to fixed software releases.

What happened 🕵️‍♂️

A vulnerability in the CLI of Cisco IOS and IOS XE Software could allow an authenticated, local attacker to cause an affected device to unexpectedly reload, resulting in a denial of service (DoS) condition. This issue arises from a buffer overflow that can be exploited using crafted commands at the CLI prompt. While proof-of-concept exploit code is available, there have been no reports of malicious exploitation.

[]

Cisco IOS Software Industrial Ethernet Switch Device Manager Denial of Service Vulnerability

🚨 SEVERITY: HIGH — CVSS 7.7 Security Advisory

TL;DR 📌

A denial of service (DoS) vulnerability has been identified in the web UI of Cisco IOS Software for Industrial Ethernet Switches. An authenticated remote attacker with low privileges can exploit this vulnerability by sending a specially crafted URL, potentially causing the device to reload and become unavailable. Cisco has released software updates to address this issue, but there are no workarounds available.

[]

Cisco IOS and IOS XE Software TACACS+ Authentication Bypass Vulnerability

🚨 SEVERITY: HIGH — CVSS 8.1 Security Advisory

TL;DR 📌

A vulnerability in Cisco IOS and IOS XE Software could allow unauthenticated remote attackers to bypass TACACS+ authentication or view sensitive data. The highest CVSS score is 8.1, classified as High severity. Cisco has released fixes and workarounds are available.

What happened 🕵️‍♂️

A vulnerability has been identified in the TACACS+ protocol implementation within Cisco IOS and IOS XE Software. This issue arises because the software does not properly verify if the required TACACS+ shared secret is configured. As a result, an attacker could exploit this vulnerability to intercept unencrypted TACACS+ messages or impersonate the TACACS+ server, potentially allowing unauthorized access to sensitive information or bypassing authentication altogether.

[]

Cisco IOS XE Software HTTP API Command Injection Vulnerability

🚨 SEVERITY: HIGH — CVSS 8.8 Security Advisory

TL;DR 📌

A command injection vulnerability has been identified in the HTTP API subsystem of Cisco IOS XE Software. This flaw could allow an attacker to execute commands with root privileges, posing a significant security risk. Users are advised to upgrade to fixed software as there are no workarounds available.

What happened 🕵️‍♂️

Cisco has disclosed a vulnerability in the HTTP API subsystem of Cisco IOS XE Software that could allow a remote attacker to inject commands that execute with root privileges. This vulnerability arises from insufficient input validation. An attacker with administrative privileges could exploit this by authenticating to an affected system and making an API call with crafted input. Alternatively, an unauthenticated attacker could trick a legitimate user with administrative privileges into clicking a malicious link. Successful exploitation could lead to arbitrary command execution as the root user.

[]

Cisco IOS XE Software CLI Argument Injection Vulnerability

🚨 SEVERITY: MEDIUM — CVSS 6.0 Security Advisory

TL;DR 📌

A medium-severity vulnerability has been identified in Cisco IOS XE Software that allows authenticated local attackers with administrative privileges to execute arbitrary commands on the underlying operating system. No workarounds are available, and users are advised to upgrade to fixed software as soon as possible.

What happened 🕵️‍♂️

A vulnerability in the Command-Line Interface (CLI) of Cisco IOS XE Software could allow an authenticated local attacker with administrative privileges to execute arbitrary commands as root on the affected device’s operating system. This issue arises from insufficient validation of user arguments passed to specific CLI commands. An attacker could exploit this by logging in with valid administrative credentials and using crafted commands.

[]