The network supplier Cisco has closed dangerous security gaps in several products. In most cases, attackers can paralyze devices such as access points via DoS attacks. Security patches are available for download.
Advertisement
DoS attacks
The majority of closed vulnerabilities are with the threat level “high“. Remote attackers can, for example, attack a vulnerability (CVE-2024-20311) in the network operating systems IOS and IOS Lead to restart.
Sending manipulated IPv4 packets (CVE-2024-20314) can overload the CPU so that no data traffic is processed. An attack on access points can lead to reloads (CVE-2024-20271). This may also be the case with Catalyst 6000 Series switches (CVE-2024-20276).
Root attack
Because IOS XE does not adequately validate user input (CVE-2024-20278 “medium“), attackers who are already logged in can send special entries via Netconf and thus promote themselves to root users. It is also conceivable that attackers could bypass Cisco Secure Boot on access points and thus execute software contaminated with malicious code (CVE-2024-20265 “high “).
Admins should look at the warning messages linked to them below this message and install the secured versions listed therein.
Harden VPN
In password spray attacks, attackers speculate that users use identical passwords on different online services. If such a password is known from a leak, attackers automatically try to log in to other services. This can also be the case with VPN connections.
To prevent this, Cisco has a document Tips against password spray attacks published in this context. To ensure that such attacks are ineffective from the outset, a different password should be used for each service.
List sorted in descending order by threat level:
(of)