Cisco has released patches to fix multiple vulnerabilities affecting its Identity Services Engine (ISE), Intelligent Node (iNode) Software, Webex App, Expressway Series, Secure Email Gateway, and RV340 and RV345 Dual WAN Gigabit VPN Routers.
The new disclosed security vulnerabilities have the potential to allow attackers to exploit sensitive information, execute arbitrary code, and even gain root access to affected devices. It is crucial for organizations using these products to prioritize patching and updating their systems to prevent potential security breaches.
1- Identity Services Engine (ISE) File Upload Flaw CVE-2024-20296
Cisco’s ISE, a popular network administration tool, was found to have a weakness in its web-based management interface. This vulnerability CVE-2024-20296 could potentially allow an attacker with valid Policy Admin credentials to upload malicious files, execute arbitrary commands, and potentially gaining root privileges.
2- Intelligent Node (iNode) Software Cryptographic Vulnerability CVE-2024-20323
Another vulnerability, CVE-2024-20323, affects Cisco iNode Software, which could allow an unauthenticated attacker to hijack the TLS connection between Cisco iNode Manager and associated intelligent nodes. This could enable the attacker to read data meant for a legitimate device, modify the startup configuration of an associated node, and cause a denial-of-service (DoS) condition.
3- Webex App Media Retrieval and Protocol Handler Vulnerabilities CVE-2024-20395 and CVE-2024-20396
As for Cisco’s widely-used Webex collaboration platform, two vulnerabilities, CVE-2024-20395 and CVE-2024-20396, were discovered that could potentially expose sensitive session information and user credentials.
4- Expressway Series Web Interface Flaw CVE-2024-20400
Another vulnerability CVE-2024-20400 was found in Cisco’s Expressway Series could allow an attacker to redirect users to malicious web pages.
5- Secure Email Gateway File Overwrite Vulnerability CVE-2024-20429
Perhaps one of the most critical issues addressed was a security flaw in Cisco’s Secure Email Gateway CVE-2024-20429. This vulnerability could allow an attacker to overwrite system files, potentially leading to a permanent denial of service. The complexity of this exploit underscores the sophisticated nature of modern cyber threats.
6- RV340 and RV345 Router Code Execution Vulnerability CVE-2024-20416
Small business owners should take note of CVE-2024-20416 vulnerability that is affecting Cisco’s RV340 and RV345 routers. This flaw could allow an authenticated attacker to execute arbitrary code with root privileges, potentially compromising the entire network.
7- Smart Software Manager On-Prem Authentication Bypass CVE-2024-20419
Another critical vulnerability CVE-2024-20419 was found in Cisco’s Smart Software Manager On-Prem could allow an unauthenticated attacker to change user passwords, including those of administrators. This highlights the critical importance of robust authentication systems and the potential consequences of their failure.
If you are are running any of the above Cisco’s products in your network environment, make sure to apply the latest patches to keep your IT environment secure.
