Cisco Warns of Critical Vulnerability in End-of-Life Routers


Cisco has warned customers of a critical authentication bypass vulnerability with public exploit code affecting multiple end-of-life (EoL) VPN routers.

The security flaw (tracked as CVE-2023-20025) was found in the web-based management interface of Cisco Small Business (SMB) RV016, RV042, RV042G and RV082 routers by Hou Liuyang of Qihoo 360 Netlab.

“[These vulnerabilities] could allow a remote attacker to bypass authentication or execute arbitrary commands on the underlying operating system of an affected device,” Cisco wrote.

According to Bugcrowd CTO Casey Ellis, SMB routers are widely deployed, and in a post-COVID hybrid/work-from-home world, the new Cisco vulnerability could impact thousands of devices.

“Branch offices, [common operating environments], and even home offices are potential users of the vulnerable product,” Ellis explained.

“Financially motivated attackers would be interested because of the raw quantity of these devices that are out there, and nation-states would likely pay attention because of the size and criticality of potential users.”

Further, the executive believes the vulnerability is also an attractive target from a technical point of view.

“As an attacker, if you manage to get RCE [remote code execution] on core routing or network infrastructure, your ability to move laterally increases exponentially.”

Mike Parkin, a senior technical engineer at Vulcan Cyber, echoed Ellis’ point, adding that the models affected by these vulnerabilities still see reasonably widespread usage, though they are all officially EoL.

“The challenge will be that these devices are typically found in small businesses with limited resources or used by individuals who may not have the budget to replace them,” Parkin warned.

“Unfortunately for them, Cisco is not going to fix this, so anyone who still has one of these in service should strongly consider replacing them with a newer kit sooner rather than later.”

Cisco confirmed that it had not released software updates to address the vulnerabilities and that there are no workarounds for them.

The flaw comes weeks after Krishna C. Tata, manager of security risk and architecture at Cisco, discussed the challenges of different security compliance frameworks.
