Critical vulnerabilities expose Cisco equipment to hijacking attacks


Cisco has revealed it uncovered, and fixed, two "high-severity" flaws in its Catalyst PON Series Switches Optical Network Terminals which could have allowed for unauthorized root access to devices.

As reported by The Register, the two vulnerabilities are tracked as CVE-2021-34795 and CVE-2021-40113. The former is described as an "unintentional debugging credential", which in practice amounts to a backdoor the developers left in place for debugging.

Anyone who knew the hidden credentials could gain root access to the passive optical network switches, but only if Telnet support was enabled on the device, which it is not by default.

The latter threat revolves around insufficient validation of user-supplied input. As per the report, an unauthenticated malicious actor can conduct a command injection attack on the gear's web-based management portal.

Patch available

"An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface," Cisco says. "A successful exploit could allow the attacker to execute arbitrary commands on an affected device as the root user."

For the attack to work, the devices need to have Remote Web Management enabled. Otherwise, the malicious actors would need to reach the management portal from the LAN.

The affected models are the Catalyst PON Switch CGP-ONT-1P, CGP-ONT-4P, CGP-ONT-4PV, CGP-ONT-4PVC and CGP-ONT-4TVCW. Users should update these devices as soon as possible.

The Register also said Cisco found a high-severity (8.6 out of 10 rating) flaw in its Policy Suite product. Labeled CVE-2021-40112, it allows an unauthenticated remote attacker to modify the same switches' configuration.

"A vulnerability in the key-based SSH authentication mechanism of Cisco Policy Suite could allow an unauthenticated, remote attacker to log in to an affected system as the root user," the company said. To fix this, users should update the software and install fresh SSH keys.


Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
