Recently, Cisco disclosed the existence of four serious security flaws in their routers that use iOS and iOS XE software. One of the four, CVE-2020-3227 is rated at a severity of 9.8 out of 10.
It allows a remote attacker without credentials to execute commands to the operating software without proper authorization, which in turn, allows a hacker to take complete control over the system.
One of the other security flaws announced, CVE-2020-3025 is a command-injection vulnerability in Cisco 809 and 829 Industrial Integrated Services Routers and in Cisco 1000 Series Connected Grid Routers. Here, the vulnerability is that since the software doesn’t adequately validate signaling packets, a determined hacker could send malicious packets to the device to gain control of the Virtual Device Server (VDS). From there, they can compromise the entire system.
The third and fourth issues are being tracked under CVE-2020-3198 and CVE-2020-3258, and again targets the company’s 800 Series Industrial Routers. This allows hackers to execute commands to the device, causing it to crash and reboot. Like the first one we mentioned, this one scores a severity of 9.8 out of ten.
The fourth bug is somewhat less serious, scoring only a 5.7 out of ten. That one allows an attacker to modify the device’s run-time memory, overwriting system memory, and execute arbitrary code on an impacted device.
The good news is that the company already has a fix for all of the security flaws outlined above. So if you use any of the devices mentioned earlier, head to the company’s site to be sure you’ve got the latest security patch. Just to be safe, if you use any type of Cisco Industrial Router, now is a good time to double-check to make sure you’ve got the latest security patches installed. A few minutes checking could save you thousands of dollars and spare you from a great many sleepless nights.