logo

Critical vulnerability in Cisco industrial wireless access points fixed (CVE-2024-20418)

Cisco has fixed a critical command injection vulnerability (CVE-2024-20418) affecting its Ultra-Reliable Wireless Backhaul (URWB) Access Points that can be exploited via a HTTP requests and allows complete compromise of the devices.

CVE-2024-20418

There are no workarounds to address this flaw, though vulnerable access points can be protected by switching off URWB mode, the company shared in the advisory.

The good news is that the vulnerability was discovered by a Cisco employee during internal security testing and that Cisco is not aware of any public announcements or malicious use of it.

About CVE-2024-20418

CVE-2024-20418 affects three different Cisco Catalyst IW wireless access points, used in industrial, maritime and similar settings where they have to withstand the stresses of demanding use.

These devices run on Cisco Unified Industrial Wireless Software and the vulnerability is due to improper validation of input to the software’s web-based management interface.

“An attacker could exploit this vulnerability by sending crafted HTTP requests to the web-based management interface of an affected system. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system of the affected device,” Cisco shared, and noted that the devices that are not operating in URWB mode are not affected by the vulnerability.

“To determine whether the URWB operating mode is enabled, use the show mpls-config CLI command. If the command is available, the URWB operating mode is enabled and the device is affected by this vulnerability. If the command is not available, the URWB operating mode is disabled and the device is not affected by this vulnerability.”

Still, the most secure line of action is to update Catalyst IW9165D Heavy Duty Access Points, Catalyst IW9165E Rugged Access Points and Wireless Clients, and Catalyst IW9167E Heavy Duty Access Points to version 17.15.1 of the software, which addresses this flaw.

Cisco Releases Patch for Critical URWB Vulnerability in Industrial Wireless Systems

SteelFox and Rhadamanthys Malware Use Copyright Scams, Driver Exploits to Target Victims

Free security scan for your website

Top News:

Attackers are exploiting 2 zero-days in Palo Alto Networks firewalls (CVE-2024-0012, CVE-2024-9474)

Attackers are exploiting 2 zero-days in Palo Alto Networks firewalls (CVE-2024-0012, CVE-2024-9474)

 November 18, 2024
CWE top 25 most dangerous software weaknesses

CWE top 25 most dangerous software weaknesses

 November 21, 2024
Chinese APT Gelsemium Targets Linux Systems with New WolfsBane Backdoor

Chinese APT Gelsemium Targets Linux Systems with New WolfsBane Backdoor

 November 21, 2024
Hackers now use AppDomain Injection to drop CobaltStrike beacons

Hackers now use AppDomain Injection to drop CobaltStrike beacons

 August 24, 2024
New Ymir Ransomware Exploits Memory for Stealthy Attacks; Targets Corporate Networks

New Ymir Ransomware Exploits Memory for Stealthy Attacks; Targets Corporate Networks

 November 12, 2024
Urgent: Critical WordPress Plugin Vulnerability Exposes Over 4 Million Sites

Urgent: Critical WordPress Plugin Vulnerability Exposes Over 4 Million Sites

 November 18, 2024