fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Cisco Fixes Critical, High Severity Pre-auth Flaws in VPN Routers

Cisco Fixes Critical, High Severity Pre-auth Flaws in VPN Routers

Cisco has addressed pre-auth security vulnerabilities impacting multiple Small Business VPN routers and allowing remote attackers to trigger a denial of service condition or execute commands and arbitrary code on vulnerable devices.

The two security flaws tracked as CVE-2021-1609 (rated 9.8/10) and CVE-2021-1602 (8.2/10) were found in the web-based management interfaces and exist due to improperly validated HTTP requests and insufficient user input validation, respectively.

CVE-2021-1609 impacts RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN routers, while CVE-2021-1602 affects RV160, RV160W, RV260, RV260P, and RV260W VPN routers.

Both bugs are exploitable remotely without requiring authentication as part of low complexity attacks that don’t require user interaction.

Attackers could exploit the vulnerabilities by sending maliciously crafted HTTP requests to the affected routers’ web-based management interfaces.

Remote management disabled on all impacted routers

Luckily, as the company explains, the remote management feature is disabled by default on all affected VPN router models.

“The web-based management interface for these devices is available through local LAN connections by default and cannot be disabled there,” Cisco says.

“The interface can also be made available through the WAN interface by enabling the remote management feature. By default, the remote management feature is disabled on affected devices.”

To find out if remote management is enabled on your devices, you have to open the router’s web-based management interface via a local LAN connection and check if the Basic Settings > Remote Management option is toggled on.

Cisco has released software updates to address these vulnerabilities and says no workarounds are available to remove the attack vectors.

To download the patched firmware from Cisco’s Software Center, you must click Browse All on Cisco.com and navigate to Downloads Home > Routers > Small Business Routers > Small Business RV Series Routers.

Also Read: Vulnerability Assessment vs Penetration Testing: And Why You Need Both

No in the wild exploitation

While Cisco says that its “Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use” of the two security flaws, similar router vulnerabilities have been targeted in the past by attackers in the wild.

In August 2020, Cisco warned of actively exploited zero-day bugs (CVE-2020-3566 and CVE-2020-3569) in carrier-grade IOS XR routers with multicast routing enabled. The company patched the zero-days during late September 2020, one month after the initial warning.

One month later, in October 2020, Cisco again warned of attacks actively targeting a separate high severity vulnerability (CVE-2020-3118) impacting the IOS XR Network OS deployed on the same router models.

The same day, the US National Security Agency (NSA) also included CVE-2020-3118 among 25 security vulnerabilities targeted or exploited by Chinese state-sponsored threat actors.

Also Read: When to Appoint a Data Protection Officer

In July 2020, Cisco fixed another actively exploited ASA/FTD firewall bug and a pre-auth critical remote code execution (RCE) flaw that could lead to full device takeover on vulnerable devices.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us