Cisco has issued security updates to address a critical vulnerability affecting Ultra-Reliable Wireless Backhaul (URWB) Access Points, which allows unauthenticated remote attackers to execute commands with root privileges.
Ultra-Reliable Wireless Backhaul (URWB) is a highly reliable wireless transmission technology, commonly used to connect components within network systems, particularly in 5G mobile networks and industrial networks.
Tracked under the identifier CVE-2024-20418 (CVSS Score: 10.0), this security vulnerability was discovered in the web-based management interface of Cisco Unified Industrial Wireless Software.
The vulnerability enables unauthenticated attackers to perform low-complexity command injection attacks without requiring user interaction.
Cisco stated that the vulnerability arises from improper input validation in the web-based management interface. An attacker could exploit it by sending specially crafted HTTP requests to this interface on an affected system.
“Successful exploitation may allow an attacker to execute arbitrary commands with root privileges on the underlying operating system of the affected device,” Cisco noted.
CVE-2024-20418 impacts the following access points, provided these devices are running the vulnerable software and have URWB mode enabled:
– Catalyst IW9165D Heavy Duty Access Point
– Catalyst IW9165E Rugged Access Point
– Catalyst IW9167E Heavy Duty Access Point
The network equipment manufacturer emphasized that products not operating in URWB mode are not affected by CVE-2024-20418. Cisco reported that the vulnerability was identified during internal security testing.
This issue has been resolved in Cisco Unified Industrial Wireless Software version 17.15.1. Users running version 17.14 or earlier are advised to upgrade to the fixed release.
Currently, Cisco has not reported any public proof-of-concept (PoC) code or any indication that this vulnerability has been exploited in real-world attacks. Users are nonetheless advised to apply the latest patches to keep their systems safe.
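As an added example (not code from Cisco or from the article), the three conditions the advisory states, an affected model, URWB mode enabled and software older than 17.15.1, can be encoded as an inventory triage check; the inventory fields, hostnames and the non-listed model name are constructed for illustration.

```python
# Facts from the Cisco advisory: affected platforms and the fixed release.
AFFECTED_MODELS = {"IW9165D", "IW9165E", "IW9167E"}
FIXED_VERSION = (17, 15, 1)


def parse_version(text: str) -> tuple[int, ...]:
    """Turn a dotted release string such as '17.14.1' into a comparable tuple.

    A trailing letter (e.g. '17.12.3a') is stripped from its component so
    vendor-style release labels compare numerically instead of raising.
    """
    parts = []
    for piece in text.strip().split("."):
        digits = "".join(ch for ch in piece if ch.isdigit())
        if not digits:
            break
        parts.append(int(digits))
    return tuple(parts)


def is_vulnerable(model: str, version: str, urwb_mode: bool) -> bool:
    """True only when all three advisory conditions hold: an affected model,
    URWB mode enabled, and software older than the fixed release 17.15.1."""
    if model.upper() not in AFFECTED_MODELS:
        return False
    if not urwb_mode:
        return False
    return parse_version(version) < FIXED_VERSION


def triage(inventory: list[dict]) -> list[str]:
    """Return the hostnames of devices that still need the 17.15.1 upgrade."""
    return [d["host"] for d in inventory
            if is_vulnerable(d["model"], d["version"], d["urwb_mode"])]


# Constructed sample inventory; hostnames, versions and "OTHER-AP" are made up.
SAMPLE_INVENTORY = [
    {"host": "ap-yard-01", "model": "IW9165D", "version": "17.14.1", "urwb_mode": True},
    {"host": "ap-yard-02", "model": "IW9165E", "version": "17.15.1", "urwb_mode": True},
    {"host": "ap-dock-03", "model": "IW9167E", "version": "17.13.2", "urwb_mode": False},
    {"host": "ap-dock-04", "model": "IW9167E", "version": "17.12.3a", "urwb_mode": True},
    {"host": "ap-lab-05", "model": "OTHER-AP", "version": "17.9.4", "urwb_mode": True},
]

if __name__ == "__main__":
    for host in triage(SAMPLE_INVENTORY):
        print(f"{host}: affected by CVE-2024-20418, upgrade to 17.15.1")
```

Only ap-yard-01 and ap-dock-04 are flagged: the patched unit, the unit not running URWB mode and the unlisted model all fall outside the advisory's scope.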
Source: The Hacker News