Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Network Security

Cisco Patches Critical Vulnerabilities in Prime Infrastructure (PI) Software

Cisco has released patches for numerous vulnerabilities affecting its products, including Critical flaws in the Cisco Prime Infrastructure (PI) Software that could allow remote code execution.

A total of three vulnerabilities were identified in the PI software, namely CVE-2019-1821, CVE-2019-1822, and CVE-2019-1823, featuring a CVSS score of 9.8.

Cisco has released patches for numerous vulnerabilities affecting its products, including Critical flaws in the Cisco Prime Infrastructure (PI) Software that could allow remote code execution.

A total of three vulnerabilities were identified in the PI software, namely CVE-2019-1821, CVE-2019-1822, and CVE-2019-1823, featuring a CVSS score of 9.8.

The bugs impact the web-based management interface of Cisco PI and Cisco Evolved Programmable Network (EPN) Manager and could allow a remote attacker to execute arbitrary code with elevated privileges.

CVE-2019-1821, Cisco explains in an advisory, can be exploited by an unauthenticated attacker with network access to the affected administrative interface.

CVE-2019-1822 and CVE-2019-1823, on the other hand, require that the attacker has valid credentials to authenticate to the impacted administrative interface.

“These vulnerabilities exist because the software improperly validates user-supplied input. An attacker could exploit these vulnerabilities by uploading a malicious file to the administrative web interface. A successful exploit could allow the attacker to execute code with root-level privileges,” Cisco says. 

The vulnerabilities were found in PI Software Releases prior to 3.4.1, 3.5, and 3.6, and EPN Manager Releases prior to 3.0.1. Cisco has already released software updates to address these issues. 

The company says it is not aware of public announcements or malicious use of these vulnerabilities.

Advertisement. Scroll to continue reading.

Additionally, Cisco released patches for 10 High severity security issues in ASR 9000 Series routers, Webex Network Recording Player for Windows, Small Business Sx200, Sx300, Sx500, ESW2 Series and Sx250, Sx350, Sx550 Series switches, PI and EPN Manager, FXOS and NX-OS Software, IOS XR Software, Video Surveillance Manager, and Nexus 9000 Series switches.

Exploitation of these flaws could lead to denial of service, arbitrary code execution, execution of arbitrary SQL queries, information disclosure, or elevation of privileges to root user. 

In addition to these, Cisco released patches for over 40 Medium risk vulnerabilities, most of which were found in NX-OS software. These include command injection bugs, secure configuration bypass, buffer overflow, SSH Key information disclosure, patch traversal, and policy bypass.

The company also updated the list of products impacted by a recently disclosed vulnerability impacting its Secure Boot implementation. Tracked as CVE-2019-1649, this High severity flaw could be exploited to permanently write a modified firmware image to the hardware component of the Secure Boot. 

Related: Cisco Patches Critical Vulnerability in Data Center Switches

Related: Rockwell Patches Stratix Switch Flaws Introduced by Cisco Software

Related: Default Account in Cisco CSPC Allows Unauthorized Access

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

Malware & Threats

The NSA and FBI warn that a Chinese state-sponsored APT called BlackTech is hacking into network edge devices and using firmware implants to silently...

Cybersecurity Funding

Network security provider Corsa Security last week announced that it has raised $10 million from Roadmap Capital. To date, the company has raised $50...

Network Security

Attack surface management is nothing short of a complete methodology for providing effective cybersecurity. It doesn’t seek to protect everything, but concentrates on areas...

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Cyberwarfare

Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet