CyberSecurityBoard
Sponsor Register Login

Vulnerability in Cisco Industrial Devices Permits Malicious Software to Remain After Restarts

On Wednesday, Cisco released patches for a serious command injection vulnerability in the IOx application hosting environment. This vulnerability, tracked as CVE-2023-20076, is caused by parameters that are not completely sanitized when activating an application. If exploited, an attacker could execute arbitrary commands as root on the underlying host operating system. The bug bypasses measures to prevent malicious code from persisting across reboots and system resets. It affects all Cisco devices running IOS XE Software with the IOx feature enabled, if they do not support native docker, including 800 series industrial ISRs, Catalyst Access Points, CGR1000 compute modules, IC3000 industrial compute gateways, and IR510 WPAN industrial routers. Trellix, the cybersecurity firm that discovered the vulnerability, also identified a security check bypass during tar archive extraction, which could allow an attacker to write on the underlying host operating system as root. However, this issue cannot be exploited. Cisco also issued patches for several medium-severity bugs impacting Identity Services Engine and Prime Infrastructure Software, and warned of a medium-severity file upload issue impacting RV340, RV340W, RV345, and RV345P routers. Cisco has released updates to address the high-severity command injection vulnerability in the IOx application hosting environment. This vulnerability, tracked as CVE-2023-20076, could allow malicious code to persist across reboots and system resets. It affects all Cisco devices running IOS XE Software with the IOx feature enabled, if they do not support native docker. Trellix, the cybersecurity firm that discovered the vulnerability, also identified a security check bypass during tar archive extraction, which could allow an attacker to write on the underlying host operating system as root. Cisco has released security updates for the impacted industrial ISRsM7), COS-APs, IC3000 gateways, and for IOS XE-based devices configured with IOx. Updates for CGR1000 compute modules and IR510 WPAN industrial routers are planned for February 2023. In addition, Cisco has issued patches for several medium-severity bugs impacting Identity Services Engine and Prime Infrastructure Software, and warned of a medium-severity file upload issue impacting RV340, RV340W, RV345, and RV345P routers. Customers are advised to update their Cisco products as soon as possible.

This Cyber News was published on www.securityweek.com. Publication date: Thu, 02 Feb 2023 16:35:03 +0000


Cyber News related to Vulnerability in Cisco Industrial Devices Permits Malicious Software to Remain After Restarts

Recapping Cisco industrial IoT's journey: A year of security, simplification and innovation - In this blog, we'll take a look back at the key topics and trends that defined the industrial IoT journey in 2023. Empowering our industrial customers to digitize and secure operations at the same time has been prevalent in every conversation this ...
11 months ago Feedpress.me
Vulnerability in Cisco Industrial Devices Permits Malicious Software to Remain After Restarts - On Wednesday, Cisco released patches for a serious command injection vulnerability in the IOx application hosting environment. This vulnerability, tracked as CVE-2023-20076, is caused by parameters that are not completely sanitized when activating an ...
1 year ago Securityweek.com
Over 40,000 Cisco IOS XE devices infected with backdoor using zero-day - More than 40,000 Cisco devices running the IOS XE operating system have been compromised after hackers exploited a recently disclosed maximum severity vulnerability tracked as CVE-2023-20198. There is no patch or a workaround available and the only ...
1 year ago Bleepingcomputer.com
Cisco patches IOS XE zero-days used to hack over 50,000 devices - Cisco has addressed the two vulnerabilities that hackers exploited to compromise tens of thousands of IOS XE devices over the past week. The free software release comes after a threat actor leveraged the security issues as zero-days to compromise and ...
1 year ago Bleepingcomputer.com
Building Data Center Infrastructure for the AI Revolution  - This is part two of a multi-part blog series on AI. Part one, Why 2024 is the Year of AI for Networking, discussed Cisco's AI networking vision and strategy. This blog will focus on evolving data center network infrastructure for supporting AI/ML ...
9 months ago Feedpress.me
Cisco Adds New Security and AI Capabilities in Next Step Toward Cisco Networking Cloud Vision - PRESS RELEASE. AMSTERDAM, Feb. 6, 2024 /PRNewswire/ - CISCO LIVE EMEA - Cisco, the leader in networking and security, today introduced new capabilities and technologies across its networking portfolio that are designed to drive a more unified and ...
10 months ago Darkreading.com
Cisco discloses new IOS XE zero-day exploited to deploy malware implant - Cisco disclosed a new high-severity zero-day today, actively exploited to deploy malicious implants on IOS XE devices compromised using the CVE-2023-20198 zero-day unveiled earlier this week. The company said it found a fix for both vulnerabilities ...
1 year ago Bleepingcomputer.com
Cisco wins Manufacturing Solution of the Year award for integrating industrial security with networking - Industrial security can be a complex undertaking, and yet OT security is quintessential for modern Industrial IoT operations. IIoT systems generally contain a variety of interconnected systems and technologies, each with its own security needs. Some ...
11 months ago Feedpress.me
What's Coming to Cisco Live Europe 2024 for the Data Center Developer? - In just a week or so, Cisco Live EMEA, 2024 will be ready to sizzle at the RAI Amsterdam. From a Cisco Cloud Networking standpoint, Cisco Nexus Dashboard, Cisco ACI, and Nexus 9000 Series switches are showing up in a big way. Read on to learn what ...
10 months ago Feedpress.me
Exploit released for critical Cisco IOS XE flaw, many hosts still hacked - Public exploit code is now available for the critical Cisco IOS XE vulnerability tracked as CVE-2023-20198 that was leveraged as a zero-day to hack tens of thousands of devices. Cisco released patches for most releases of its IOS XE software but ...
1 year ago Bleepingcomputer.com
5 Tips for Pi Day Savings at the Cisco Learning Network Store - Save 25% on select training products from the Cisco Learning Network Store for 24 hours only. Two new multicloud training courses are now available in the Cisco Learning Network Store-and they're included in the Pi Day Sale. If you are an active ...
9 months ago Feedpress.me
Ransomware, Data Breaches Inundate OT & Industrial Sector - Three-quarters of industrial firms suffered a ransomware attack in the past year, with far more compromises affecting operational technology than ever before - representing a surge in attacks driven by both the industrial sector's vulnerability and ...
1 year ago Darkreading.com
Over 10,000 Cisco devices hacked in IOS XE zero-day attacks - Attackers have exploited a recently disclosed critical zero-day bug to compromise and infect more than 10,000 Cisco IOS XE devices with malicious implants. The list of products running Cisco IOS XE software includes enterprise switches, aggregation ...
1 year ago Bleepingcomputer.com
Number of hacked Cisco IOS XE devices plummets from 50K to hundreds - The number of Cisco IOS XE devices hacked with a malicious backdoor implant has mysteriously plummeted from over 50,000 impacted devices to only a few hundred, with researchers unsure what is causing the sharp decline. This week, Cisco warned that ...
1 year ago Bleepingcomputer.com
What Is Software Piracy? - Software piracy has become a worldwide issue, with China, the United States and India being the top three offenders. In 2022, 6.2% of people worldwide visited software piracy websites. Software piracy doesn't require a hacker or skilled coder. Any ...
1 year ago Pandasecurity.com
Accelerating Your Journey to the 128-bit Universe - The 2023 National Cybersecurity Strategy requires acceleration of your agency's mission to go boldly into the 128-bit address space universe with greater speed and urgency. IPv6-only is the addressing standard for the U.S. Federal Government, ...
1 year ago Feedpress.me
CVE-2021-41769 - A vulnerability has been identified in SIPROTEC 5 6MD85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 6MD86 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 6MD89 devices (CPU variant CP300) (All versions < ...
2 years ago
Digitizing the Physical World: Insights from Cisco Live Melbourne and the Industrial IoT Industry Summit - A few weeks ago, I attended Cisco Live Melbourne, and it was truly a pleasure to meet and connect with leaders, gain knowledge from customers, and hear speakers from various sectors. I had the wonderful opportunity to speak in an Innovation Talk ...
11 months ago Feedpress.me
Patch Now: Cisco Zero-Day Under Fire From Chinese APT - Cisco has patched a command-line injection flaw in a network management platform used to manage switches in data centers, which, according to researchers from Sygnia, already has been exploited by the China-backed threat group known as Velvet Ant. ...
5 months ago Darkreading.com
Webex announces comprehensive Device Management Capabilities with Phonism integration - Webex is excited to announce a comprehensive solution for 3rd party Device Management referred to as 'Partner Managed Devices. ' Partner Managed Devices allows Webex Cloud Calling offers to support a flexible Device Management strategy. With this ...
1 year ago Feedpress.me
Embrace the Multicloud Era with Cisco Learning and Certifications at Cisco Live Amsterdam - It's time to come together with experts and thousands of your peers to connect, learn, and advance your career with the Learning & Certifications team at Cisco Live Amsterdam, February 5-9, 2024. Let's dive into how you can make the most of your ...
10 months ago Feedpress.me
E80 Group secures its AGVs with Cisco industrial solutions and Italtel system integration - These are the conditions for which E80 Group, an Italian multinational, based in Viano, Italy, builds its autonomous and laser guided vehicles that can move around a facility, transport materials, and interact with other machines and systems in ...
6 months ago Feedpress.me
Industrial Defender Risk Signal, a Risk-Based Vulnerability Management Solution for OT Security - PRESS RELEASE. FOXBOROUGH, Mass. , Jan. 3, 2024 /PRNewswire/ - Industrial Defender, the leading provider of OT asset data and cybersecurity solutions for industrial organizations, is excited to announce the launch of the Industrial Defender Risk ...
11 months ago Darkreading.com
Join Customer Experience for Cisco Live EMEA Demos - In her blog, Countdown to Cisco Live EMEA, Adele Trombetta, SVP, Cisco Customer Experience EMEA, mentioned how excited she is for Cisco Live EMEA in just a little more than a week, and I agree. I want to go a little deeper and give you some more ...
10 months ago Feedpress.me
Claroty Team82: 63% of Known Exploited Vulnerabilities Tracked by CISA Are on Healthcare Organization Networks - PRESS RELEASE. NEW YORK and ORLANDO, Fla., March 12, 2024/PRNewswire/ -Claroty, the cyber-physical systems protection company, released today at the annual HIMSS24 conference a new report that uncovered concerning data about the security of medical ...
9 months ago Darkreading.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)