Cisco tells customers to upgrade VPN routers or risk attack

By Scott Marlette Last updated Jun 20, 2022

Cisco has advised customers to trade in old Small Business RV VPN routers for newer models, as the old ones have high-severity vulnerabilities that it won’t be patching.

As reported by BleepingComputer, the company recently discovered a vulnerability revolving around insufficient user input validation of incoming HPPT packets. By sending a “specially crafted request” to the web-based management interface of these devices, an attacker could end up with root-level privileges. Essentially, they’d be getting free access to the endpoint (opens in new tab).

Tracked as CVE-2022-20825, the flaw has a severity score of 9.8, so it’s pretty dangerous. It was found in four models: the RV110W Wireless-N VPN Firewall, the RV130 VPN Router, the RV130W Wireless-N Multifunction VPN Router, and the RV215W Wireless-N VPN Router.

End of life

These models, however, have reached end-of-life status and as such will not be patched.

A small caveat is that the web-based remote management interface on WAN connections needs to be enabled for the flaw to be exploitable, and by default, it’s not. Still, many exposed devices can be found with a quick Shodan search.

To double-check if your routers have this feature enabled, log into the web-based management interface, and head over to Basic Settings – Remote Management, and uncheck the box. Furthermore, this is the only way to mitigate the threat, and users are advised to do that before moving on to newer models. Cisco was said to be “actively supporting” models RV132W, RV160, and RV160W.

RV160, together with RV260, RV340, and RV345, recently received a patch for five vulnerabilities with a 10/10 severity rating. Among the possibilities for malicious actors exploiting these flaws are arbitrary code and command execution, elevation of privileges, running unsigned software, circumventing authentication, and assimilating the devices into a botnet for Distributed Denial of Service (DDoS) attacks.

To shield against cyberattacks of all kinds, businesses are advised to keep hardware and software up to date, run an antivirus and firewall (opens in new tab) solution, and educate employees on the dangers of phishing and ransomware.

Via BleepingComputer (opens in new tab)

For all the latest Technology News Click Here

For the latest news and updates, follow us on Google News.

Read original article here

Denial of responsibility! TechNewsBoy.com is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected]. The content will be deleted within 24 hours.