Tag: Cisco

  • Cisco Patches Critical Security Vulnerabilities

    Affected Products

    The patched critical and high-severity vulnerabilities affect many products across Cisco’s product line, including:

    • Cisco SD-WAN
    • Cisco DNA Center Command Runner
    • Cisco DNA Center
    • Cisco Smart Software Manager Satellite Web UI
    • Cisco Data Center Network Manager
    • Cisco Finesse OpenSocial Gadget Editor
    • Cisco Secure Web Appliance
    • Cisco Advanced Malware Protection for Endpoints and Immunet for Windows
    • Cisco Umbrella Dashboard

    For a complete list of affected products, check Cisco’s Security Center.

    The Vulnerabilities Addressed

    The patches addressed numerous critical vulnerabilities and exposures (CVEs), including serious threats such as command injections, SQL injections, DLL hijacking, cross-site request forgery attacks, directory traversals, and more. Some of the most critical, such as a buffer overflow in SD-WAN, allow unauthenticated remote code execution as the root user and should be patched immediately. Cisco does not believe these were being actively exploited in the wild, but they should nonetheless be treated seriously.

    Remediation

    Cisco recommends patching all affected products as soon as possible, as there are currently no workarounds for the newly released critical vulnerabilities. A full list of Cisco’s recent security advisories is also available from the company’s security center.

    Does your company have a vulnerability management plan in place? Take a look at this video as Raxis’ CTO Brian Tant explains why you should.

  • Why you should turn off Cisco Smart Install now

    In this video, I explain how Cisco Smart Install can leave you and your company vulnerable if it is left on. (Helpful hint: Cisco Smart Install is often on by default, so watch this and then go check your network).

    Network admins are surely familiar with Cisco Smart Install – the handy plug-and-play configuration and management feature that offers zero-touch deployments. 

    And though Cisco is known for security, and the Smart Install feature has some great benefits – such as allowing you to easily deploy network switches in a Cisco environment with no assistance from a network admin – it also can be a security risk if you leave it turned on. Whether by design or default, I find a lot of cases where it’s left on, but none where it’s actually in use at that time. For a penetration tester, that’s a key finding.

    Have you checked your network to see if Cisco Smart Install is on? It was, wasn’t it? And, you did turn it off, right?

    If so, you closed off a simple but often effective door for hackers. 

    Raxis is an elite team of professionals who are paid to attack and assess cybersecurity systems. We can help you pinpoint security threats and find ways to remediate them, leaving your company more secure than we found it.

    Ready to find out how secure your network really is? Reach out to us and let’s discuss your needs and how we can help.