Hardcoded SSH Key in Cisco Policy Suite Lets Remote Hackers Gain Root Access

Technology

Cisco Systems has released security updates to address vulnerabilities in multiple Cisco products that could be exploited by an attacker to log in as a root user and take control of vulnerable systems.

Tracked as CVE-2021-40119, the vulnerability has been rated 9.8 in severity out of a maximum of 10 on the CVSS scoring system and stems from a weakness in the SSH authentication mechanism of Cisco Policy Suite.

“An attacker could exploit this vulnerability by connecting to an affected device through SSH,” the networking major explained in an advisory, adding “A successful exploit could allow the attacker to log in to an affected system as the root user.” Cisco said the bug was discovered during internal security testing.

Automatic GitHub Backups

Cisco Policy Suite Releases 21.2.0 and later will also automatically create new SSH keys during installation, while requiring a manual process to change the default SSH keys for devices being upgraded from 21.1.0.

SSH Key in Cisco Policy Suite

Also addressed by Cisco are multiple critical vulnerabilities affecting web-based management interface of the Cisco Catalyst Passive Optical Network (PON) Series Switches Optical Network Terminal (ONT) that could enable an unauthenticated, remote attacker to log in using an inadvertent debugging account existing in the device and take over control, perform a command injection, and modify the configuration of the device.

The vulnerabilities impact the following devices —

  • Catalyst PON Switch CGP-ONT-1P
  • Catalyst PON Switch CGP-ONT-4P
  • Catalyst PON Switch CGP-ONT-4PV
  • Catalyst PON Switch CGP-ONT-4PVC
  • Catalyst PON Switch CGP-ONT-4TVCW

Marco Wiorek of Hotzone GmbH has been credited with reporting the three vulnerabilities that have been assigned the identifiers CVE-2021-34795 (CVSS score: 10.0), CVE-2021-40113 (CVSS score: 10.0), and CVE-2021-40112 (CVSS score: 8.6).

Prevent Data Breaches

Lastly, Cisco has remediated two more high-severity flaws in Cisco Small Business Series Switches and Cisco AsyncOS that could allow unauthenticated, remote adversaries to gain unauthorized access to the web-based management interface of the switches and carry out a denial of service (DoS) attack —

  • CVE-2021-34739 (CVSS score: 8.1) – Cisco Small Business Series Switches session credentials replay vulnerability
  • CVE-2021-34741 (CVSS score: 7.5) – Cisco Email Security Appliance (ESA) denial of service vulnerability

Products You May Like

Articles You May Like

Pro pickleball players are getting a higher salary than WNBA players
How To Wear A Check Blazer Like A Don
‘The Price Is Right’ Fans Blast Drew Carey After Tricky Game Baffles Player
‘Virgin River’ Boss Reveals Status of Young Everett & Sarah Prequel Series
Salesforce will hire 2,000 people to sell AI products, CEO Benioff says