Ten out of ten: Cisco warns of critical vulnerability in industrial wireless software

Cisco warns of a serious vulnerability in software for wireless industrial applications. With the maximum CVSS score of ten, this is not one Cisco customers should take lightly.

Cisco has discovered a serious vulnerability in the Web-based management interface of its Unified Industrial Wireless Software for Ultra-Reliable Wireless Backhaul (URWB) access points. This vulnerability allows attackers to remotely execute commands with root privileges. No workaround is currently available.

Command injection via management interface

The vulnerability is tracked as CVE-2024-20418 and has a CVSS score of 10, the maximum, which is rarely assigned. The cause is faulty input validation in the Web interface of certain Cisco Access Points running in URWB mode.

By sending specific HTTP requests, malicious actors can execute commands with root privileges on the operating system of the affected device. Access to root privileges allows an attacker to gain full control of the device.

This vulnerability affects Catalyst IW9165D, IW9165E and IW9167E models when configured in URWB mode. Cisco Access Points that do not operate in URWB mode are not susceptible to this attack. A list of products that are or are not vulnerable can be found in Cisco’s bulletin.

To determine whether a device is vulnerable, users can run the CLI command show mpls-config. If the command is available, URWB mode is enabled and the device may be vulnerable.

Update available

Cisco has released security updates to fix this vulnerability. Users of affected systems are advised to install the available updates as soon as possible. We can only applaud and reiterate that advice.

No workarounds are available: only the update provides a solution. For customers with service contracts, the updates are available through the usual channels, while other customers can obtain the updates through Cisco’s help desk. The networking company further recommends keeping an eye on security advisories. Cisco does require that at times.