Cisco has patched multiple vulnerabilities in Small Business routers, Cisco Connected Mobile Experiences (CMX) and AnyConnect products.
An attacker could remotely exploit some of these vulnerabilities to take control of an impacted system.
Small Business routers
Cisco patched three vulnerabilities (CVE-2021-1159, CVE-2021-1160 and CVE-2021-1161) in Cisco Small Business Router models that could result in arbitrary code execution.
“Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly,” Cisco stated in the advisory.
Moreover, Cisco also fixed three additional vulnerabilities (CVE-2021-1146, CVE-2021-1147 and CVE-2021-1148) in these same Small Business routers.
An authenticated remote attacker could exploit these vulnerabilities to inject and execute arbitrary commands with root privileges.
“The vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to a targeted device,” Cisco warned in the advisory.
Each of the two advisories are listed as High severity and CVSS score of 7.2. The Cisco Product Security Incident Response Team (PSIRT) is also not aware of any public exploits of these vulnerabilities at the time of the advisories.
Cisco Connected Mobile Experiences (CMX)
Cisco also patched a privileged escalation vulnerability CVE-2021-1144 in Cisco Connected Mobile Experiences. The flaw is attributed to incorrect handling of authorization checks for password changes.
“An authenticated attacker without administrative privileges could exploit this vulnerability by sending a modified HTTP request to an affected device. A successful exploit could allow the attacker to alter the passwords of any user on the system, including an administrative user, and then impersonate that user,” Cisco wrote in the advisory.
This advisory is listed as High severity and CVSS score of 8.8.
AnyConnect Secure Mobility Client
Cisco also addressed a Windows DLL injection vulnerability CVE-2021-1237 in the Network Access Manager and Web Security Agent components of Cisco AnyConnect Secure Mobility Client for Windows.
An attacker could could allow an authenticated, local attacker to perform a DLL injection attack and execute arbitrary code on the affected machine with system privileges.
“The vulnerability is due to insufficient validation of resources that are loaded by the application at run time. An attacker could exploit this vulnerability by inserting a configuration file in a specific path in the system which, in turn, causes a malicious DLL file to be loaded when the application starts,” Cisco stated in the advisory.
This advisory is listed as High severity and CVSS score of 7.8.
Readers can check out the latest Cisco advisories as of January 14, 2021. System and Network administrators should deploy security updates to affected devices as soon as possible.
- Microsoft January 2021 Security Updates (to include zero-day RCE patch)
- Mozilla releases Firefox 84.0.2, fix for critical vulnerability (CVE-2020-16044)
- Cisco updates multiple Jabber Desktop and Mobile Client vulnerabilities
- Cisco patches 3 Critical vulnerabilities in IMC, DNA Spaces Connector and IoT products