On many occasions, vulnerabilities appear that can compromise the security of our devices. It affects all types of operating systems, programs, and any platform that we use. Hackers can exploit this to carry out their attacks. Hence it is essential to correct the errors. In this article, we report on a series of critical flaws that affect Cisco, allowing an attacker to create administrator accounts and execute commands as root.
These are critical bugs that affect SD-WAN vManage software and HyperFlex HX. This could allow a hypothetical attacker to control as if they were an administrator and could execute arbitrary commands.
The company has released updates to correct this problem, so users should update as soon as possible. These vulnerabilities have been classified as high and medium severity precisely because of what we discussed about the possibility of carrying out remote attacks with administrator permissions.
This escalation of privileges could also lead to the denial of services on unpatched servers. Although the company has indicated that they have no evidence that there has been an attack taking advantage of these vulnerabilities, the truth is that they can be exploited both remotely and internally.
An attacker could not only carry out code execution remotely but also access and steal confidential information. This is something that could affect both home users and companies and organizations.
These flaws could be exploited locally by authenticated attackers to gain elevated privileges or unauthorized access to an attack-vulnerable application.
The errors critical security Cisco have been registered as CVE-2021-1497, CVE-2021-1468, and CVE-2021-1505, with a score from 9.1 to 9.8 out of 10. In particular are the following vulnerabilities:
Remember that these failures only affect the software that operates in a cluster, as indicated by Cisco.
The company itself indicates that customers can check if the software is operating in cluster mode. To do this, go to Administration> Cluster Management in the Cisco SD-WAN vManage web-based management interface.
Keep in mind that it is not the first problem of this type that we have seen in recent months. Vulnerabilities may appear that are exploited by attackers, as we see. Hence the importance of always keeping equipment updated. There are many devices that we use. We have already seen that there are differences between router and access point, but you always have to install the latest versions.
Therefore, there is no better way to correct this problem and other similar vulnerabilities that may appear always to keep systems and devices with the latest versions. We will not only improve performance but also fix security issues that may arise. The objective is to prevent the entry of intruders that could compromise us.
Also Read: Bitcoin Currency: Some Interesting Facts
In the present scenario, there is a growing demand for skilled product owners in the… Read More
Professional SEO: Did you know that Google accounted for more than 70% of desktop search… Read More