- A+
修补程序和解决方法修复程序可解决运行Cisco IOS XE软件的网络硬件上的缺陷。
思科系统公司周四发布了一系列补丁程序,目的是修复网络巨头无处不在的IOS操作系统中的错误。这些补丁会堵塞各种产品,并解决拒绝服务,文件覆盖和输入验证攻击。该通报已计划并且是Cisco IOS和IOS XE 软件安全通报捆绑发行的一部分。
Twenty-nine of the Cisco bugs are rated high severity, with 13 rated medium in severity. The most noteworthy are a number of vulnerabilities opening the door for remote, unauthenticated attackers to execute arbitrary code on targeted systems.
Two CVEs, tracked as CVE-2020-3421 and CVE-2020-3480, both are tied to a flaw in Cisco’s Zone-Based Firewall. “Multiple vulnerabilities in the Zone-Based Firewall feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload or stop forwarding traffic through the firewall,” Cisco wrote.
The bulletin also included several other vulnerabilities open to attack by remote unauthenticated and authenticated users. A web UI authorization bypass vulnerability, according to Cisco, “could allow an authenticated, remote attacker to utilize parts of the web UI for which they are not authorized.” Similarly, a split Domain Name System DoS bug is also vulnerable to a remote unauthenticated attacker.
“A vulnerability in the Split DNS feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a DoS condition,” wrote Cisco. “An attacker could exploit this vulnerability by trying to resolve an address or hostname that the affected device handles. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.”
Local and Adjacent Attacks
Bugs open to exploit by local and adjacent authenticated users also peppered the list of CVEs. For example, one flaw tracked as CVE-2020-3417 impacts any Cisco hardware running Cisco IOS XE’s software and allows a authenticated, local attacker to execute arbitrary code on targeted hardware. “This vulnerability is due to incorrect validations by boot scripts when specific ROM monitor (ROMMON) variables are set,” according to Cisco.
“An attacker could exploit this vulnerability by installing code to a specific directory in the underlying operating system (OS) and setting a specific ROMMON variable. A successful exploit could allow the attacker to execute persistent code on the underlying OS. To exploit this vulnerability, the attacker would need access to the root shell on the device or have physical access to the device,” the bulletin added of CVE-2020-3417.
Vulnerabilities ripe for DoS attacks dominated Cisco’s list of potential exploits. Specific products included in the security bulletin include various SKUs of its Catalyst Embedded Wireless Controller (CVE-2020-3418), cBR-8 Converged Broadband Routers (CVE-2020-3509) and Cisco Aironet Access Point (CVE-2020-3559).
