Cisco scores a perfect CVSS 10 with critical flaw in its wireless system
Ultra-Reliable Wireless Backhaul doesn't live up to its name
Cisco is issuing a critical alert notice about a flaw that makes its so-called Ultra-Reliable Wireless Backhaul systems easy to subvert.
The weakness – dubbed CVE-2024-20418 and made public yesterday – is with the Unified Industrial Wireless Software that the devices use. Crucially, the flaw is serious enough that a remote attacker with no privileges could upgrade themselves to admin-level access and install whatever nasties they like.
"An attacker could exploit this vulnerability by sending crafted HTTP requests to the web-based management interface of an affected system," Cisco warned. "A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system of the affected device."
- Emergency patch: Cisco fixes bug under exploit in brute-force attacks
- Cisco is abandoning the LoRaWAN space, and there's no lifeboat for IoT customers
- Scumbag puts 'stolen' Nokia source code, SSH and RSA keys, more up for sale
- Why Cisco reportedly wants in on CoreWeave's rent-a-GPU racket
The following kit is affected and needs immediate patching if URWB is enabled – there are no workarounds:
- Catalyst IW9165D Heavy Duty Access Points;
- Catalyst IW9165E Rugged Access Points and Wireless Clients;
- Catalyst IW9167E Heavy Duty Access Points.
You can check if it is enabled on your own kit by using the show mpls-config CLI command.
The flaw carries a CVSS score of 10.0 because it's both simple and devastatingly effective. It's also dangerous because this kind of kit is designed for industrial uses and it is just the kind of code you'd expect to find in critical infrastructure targets – such as ports or factories.
You can get your fix here and are advised to apply it immediately. There are not yet any reported sightings of the vulnerability being exploited in the wild. ®