Five critical vulnerabilities have been discovered affecting four widely-used families of Cisco routers. Three of the five have a 10/10 rating on the Common Vulnerability Scoring System, meaning they could be heavily exploited for the most damaging of activities.
The Register claims Cisco itself revealed the critical bugs, issuing patches for only two router families, while the fixes for the other two are still pending. Dates when the remaining fixes might be available were unknown at press time.
The routers that are affected by the flaws are usually used by small businesses, and include the RV160, RV260, RV340, and RV345 mdels.
Elevation of privileges
Among the possibilities for malicious actors exploiting these flaws are arbitrary code and command execution, elevation of privileges, running unsigned software, circumventing authentication, and assimilating the devices into a botnet for Distributed Denial of Service (DDoS) attacks.
The discovered vulnerabilities include:
CVE-2022-20699
CVE-2022-20700
CVE-2022-20701
CVE-2022-20702
CVE-2022-20708
So far, RV340 and RV345 have been patched, while RV160 and RV260 are yet to get their code.
To make matters even worse, Cisco said that a proof-of-concept exploit code is already available for some of the disclosed vulnerabilities. This is particularly worrying as many small businesses don’t have their own tech support, meaning these routers could go for months, years even, without being patched.
Following the news, cybersecurity experts from Tenable took to Shodan to scan the internet for vulnerable routers and found more than 8,000 affected devices. The good news is that so far, an exploit is yet to pop up on a public repository.
Cisco also said that there are no workarounds for these issues, and that installing the patch will be the only way to protect the device, and the network it powers, from malicious actors.
Via: The Register