Posted on September 6, 2023
Estimated reading time minutes
Multiple vulnerabilities have been identified in the web-based user interface of certain Cisco Series Switches which could allow an unauthenticated, remote attacker to cause a denial of service (DoS). CISCO have labelled this vulnerability as critical and should be remediated as quickly as possible. This could be achieved with arbitrary code with root privileges on an affected device.
Impact & Assessment
Due to the nature of a buffer overflow the impact has the potential to be vast and extremely disruptive. As given in the title a buffer overflow attempt is when an attacker sends data to a program, which it stores in an undersized memory allocation. The result is that information in the memory (stack) is overwritten, with crafted code (arbitrary code) inputted by the malicious actor. This code could be referring to a return address where malware is located and can run.
Mitigation & Recommendations
MITIGATIONS
CISCO has released patches for the CISCO 250 series however the other versions have entered their end of life phase.
If Atech managed your CISCO appliances, there will be a update of the released software to ensure protection from any such attempt
RECOMMENDATIONS
If Atech doesn’t manage your CISCO 250 appliances, please refer to the CISCO website to pull down the latest patch software and install as per the change control process.
Should you have any of the CISCO series, detailed in the affected versions, devices deployed on your network, it is advised that an upgrade is considered.
Affected Versions
- 250 Series Smart Switches
- 350 Series Managed Switches
- 350X Series Stackable Managed Switches
- 550X Series Stackable Managed Switches
- Business 250 Series Smart Switches
- Business 350 Series Managed Switches
- Small Business 200 Series Smart Switches
- Small Business 300 Series Managed Switches
- Small Business 500 Series Stackable Managed Switches