Cisco Released Patches for Multiple Vulnerabilities Including Critical Holes in Catalyst PON

Cisco has released updates for a number of vulnerabilities in its product line, including serious security flaws in the Catalyst Passive Optical Network (PON) series switches and the Policy Suite software.

The most serious of these weaknesses, according to Cisco, are CVE-2021-34795 and CVE-2021-40113 (CVSS 10.0), two flaws in Catalyst PON switches that could be exploited to log in to a vulnerable device using inadvertent debugging credentials or to perform unauthenticated command injection.

According to the company, CVE-2021-34795 exists in the Telnet service of Cisco Catalyst PON Series Switches ONT and could be used to establish a Telnet session with the device using the default credential. The vulnerability would allow the attacker to take control of the device.

The second flaw, CVE-2021-40113, affects the enterprise switches’ web-based management interface and can be exploited remotely without authentication. The issue allows an attacker to execute commands as root because user-supplied input is not fully validated.

Cisco patched a third vulnerability in the same devices (Catalyst PON switch models CGP-ONT-1P, CGP-ONT-4P, CGP-ONT-4PV, CGP-ONT-4PVC, and CGP-ONT-4TVCW) that could be abused remotely without authentication to change the device’s settings. The bug is tracked as CVE-2021-40112 (CVSS 8.6).

Cisco also addressed a serious security issue in Policy Suite’s key-based SSH authentication method this week. The vulnerability, identified as CVE-2021-40119 (CVSS 9.8), could allow an unauthenticated, remote attacker to log in as root on a vulnerable device.

Because the same static SSH keys are used across installations, an adversary could extract the keys from a system they control and then use them to log in to a vulnerable system.
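A defender can audit for the condition described above, the same SSH key being accepted on more than one installation, by fingerprinting collected `authorized_keys` files. The following is an added example, not Cisco's code or part of the original article; the host names, the `constructed_key` helper and the key material are constructed sample data, and the inventory is assumed to be a mapping of host name to file contents.

```python
import base64
import hashlib
import struct
from collections import defaultdict

def fingerprint(line):
    """OpenSSH-style SHA256 fingerprint of one authorized_keys line, or None."""
    if line.lstrip().startswith("#"):
        return None
    fields = line.split()
    for i, field in enumerate(fields[:-1]):
        if not field.startswith(("ssh-", "ecdsa-", "sk-")):
            continue
        try:
            blob = base64.b64decode(fields[i + 1], validate=True)
        except ValueError:
            continue
        # The blob starts with its own length-prefixed key type; it must match the field.
        if len(blob) >= 4 and blob[4:4 + struct.unpack(">I", blob[:4])[0]] == field.encode():
            digest = hashlib.sha256(blob).digest()
            return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")
    return None

def find_shared_keys(inventory):
    """Map fingerprint -> sorted hosts, for keys present on more than one host."""
    seen = defaultdict(set)
    for host, text in inventory.items():
        for line in text.splitlines():
            fp = fingerprint(line)
            if fp:
                seen[fp].add(host)
    return {fp: sorted(hosts) for fp, hosts in seen.items() if len(hosts) > 1}

def constructed_key(seed, comment):
    """Constructed sample data: a structurally valid but fake ssh-ed25519 line."""
    name = b"ssh-ed25519"
    material = hashlib.sha256(seed).digest()  # 32 bytes standing in for a key
    blob = struct.pack(">I", len(name)) + name + struct.pack(">I", 32) + material
    return "ssh-ed25519 " + base64.b64encode(blob).decode() + " " + comment

SHARED = constructed_key(b"image-default", "root@installer")
SAMPLE_INVENTORY = {  # constructed: host-a and host-b carry the same image key
    "host-a": SHARED + "\n" + constructed_key(b"a-admin", "admin@host-a") + "\n",
    "host-b": "# provisioning key\n" + 'from="10.0.0.0/8" ' + SHARED + "\n",
    "host-c": constructed_key(b"c-admin", "admin@host-c") + "\n",
}
if __name__ == "__main__":
    for fp, hosts in find_shared_keys(SAMPLE_INVENTORY).items():
        print(fp, "is accepted on", ", ".join(hosts))
```

Any fingerprint reported on more than one host is a key that should be replaced with a per-installation key.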

On Wednesday, Cisco also released updates for a high-severity vulnerability (CVE-2021-34739, CVSS score 8.1) in small business switches, which could allow an attacker to remotely access a vulnerable device by replaying valid user session credentials.

A remote attacker could exploit a high-severity hole (CVE-2021-34741, CVSS score of 7.5) in AsyncOS software for Cisco Email Security Appliance (ESA) to cause a denial-of-service condition. The vulnerability exists due to poor input validation of incoming emails, and it does not require authentication to be exploited successfully.

Cisco also patched Webex, Umbrella, Prime Infrastructure (PI) and Evolved Programmable Network Manager (EPNM), Unified Communications, Common Services Platform Collector (CSPC), Prime Access Registrar, and AnyConnect Secure Mobility Client for Windows for various medium-severity security flaws.

However, a couple of medium-severity issues found in Small Business 200, 300, and 500 series switches and RV series routers will remain unpatched because these products have reached end-of-life.

Cisco stated that none of the vulnerabilities have been exploited in the wild.

Jennifer Thomas
Jennifer Thomas is the Co-founder and Chief Business Development Officer at Cybers Guards. Prior to that, she was responsible for leading its Cyber Security Practice and Cyber Security Operations Center, which provided managed security services.