Cisco Patches High-Severity Vulnerabilities Affecting Its WSA, Small Business 220 Switches

Cisco patched a number of high-severity vulnerabilities in its Web Security Appliance (WSA), Intersight Virtual Appliance, Small Business 220 switches, and other devices this week.

Successful exploitation of these flaws could allow attackers to cause a denial-of-service (DoS) condition, run arbitrary commands as root, or gain elevated privileges.

Two high-severity vulnerabilities (CVE-2021-34779, CVE-2021-34780) were discovered in the implementation of the Link Layer Discovery Protocol (LLDP) for Small Business 220 series smart switches, allowing arbitrary code execution and a denial of service condition.

The enterprise switch series software update also fixes four medium-severity security issues that could cause LLDP memory corruption on a vulnerable device.

Insufficient input validation in the Intersight Virtual Appliance is another serious flaw. The security flaw, identified as CVE-2021-34748, could allow arbitrary commands to be executed with root privileges.

Cisco also patched two high-severity flaws in its ATA 190 series and ATA 190 series multiplatform (MPP) software this week. The issues, identified as CVE-2021-34710 and CVE-2021-34735, could be exploited to execute malicious code and cause a denial-of-service (DoS) condition, respectively.

One of these flaws was disclosed to Cisco by firmware security firm IoT Inspector, which published an alert on Thursday detailing its findings.

Cisco also fixed a race condition in the AnyConnect Secure Mobility Client for Linux and macOS that could be exploited to execute arbitrary code with root privileges, as well as an improper memory management flaw in AsyncOS for Web Security Appliance (WSA) that might result in DoS.

CVE-2021-1594, an insufficient input validation weakness in the REST API of Cisco Identity Services Engine (ISE), is another high-severity flaw patched this week. An attacker in a man-in-the-middle position might exploit the issue to execute arbitrary commands with root access by decrypting HTTPS data between two ISE personas on separate nodes.

Cisco also provided fixes for TelePresence CE and RoomOS, Smart Software Manager On-Premise, 220 series business switches, Identity Services Engine, IP Phone software, Email Security Appliance (ESA), DNA Center, and Orbital, which all have medium-severity issues.

Cisco has issued patches for these flaws and claims that exploits for them have not been publicly revealed. Cisco’s security portal has more information on the flaws that have been fixed.

Jennifer Thomas
Jennifer Thomas is the Co-founder and Chief Business Development Officer at Cybers Guards. Prior to that, she was responsible for leading its Cyber Security Practice and Cyber Security Operations Center, which provided managed security services.