fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing

        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing

        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing

        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing

        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training

        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing

        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review

        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention

        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise

        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle

        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

I'VE BEEN BREACHED

Cisco Fixes Critical Bugs in SMB Routers, Exploits Available

Cisco Fixes Critical Bugs in SMB Routers, Exploits Available

Cisco has released patches for multiple vulnerabilities in the Small Business RV Series router platform that could allow remote attackers to gain complete control over the device, in many cases, without authentication.

In total, there are fifteen vulnerabilities fixed by these security updates, with five of them rated as Critical as threat actors can use them to gain ‘root’ privileges or remotely execute commands on the device.

According to the advisory, an attacker exploiting these flaws could execute arbitrary code, elevate privileges, run commands, bypass authentication protections, retrieve and execute unsigned software, and cause a denial of service (DoS) condition.

Also Read: Top 9 Proper Guidelines on How to Make Data Transfer Agreement Template

Numerous critical flaws

Cisco’s advisory notes that multiple security vulnerabilities have been classified as ‘Critical’ due to the ease of exploitation and potential for abuse.

The most significant vulnerabilities in terms of their severity are:

CVE-2022-20699: A code execution flaw in the SSL VPN module caused by an insufficient boundary check when processing specific HTTP requests. (CVSS v3 score 10.0)

CVE-2022-20700 and CVE-2022-20701: Privilege escalation (up to root) flaws in the router’s web-based management interface, which suffers from insufficient authorization enforcement mechanisms. (CVSS v3 score 10.0 and 9.0 respectively)

CVE-2022-20703: A signature verification bypass vulnerability in the software image verification feature, relying on the improper verification of software images installed on the affected device. (CVSS v3 score 9.3)

CVE-2022-20708: Command injection flaw in the web-based management interface of the routers, which suffers from insufficient user-supplied input validation. (CVSS v3 score 10.0)

Cisco warns that some of these vulnerabilities need to be chained together to exploit an RV series router.

“Some of the vulnerabilities are dependent on one another. Exploitation of one of the vulnerabilities may be required to exploit another vulnerability,” explains the Cisco advisory.

Also Read: 5 ways on how to destroy documents securely to prevent data breach

The vulnerabilities tracked CVE-2022-20700, CVE-2022-20701, CVE-2022-20702, CVE-2022-20703, CVE-2022-20704, CVE-2022-20705, CVE-2022-20706, CVE-2022-20710, and CVE-2022-20712 affect:

  • RV160 VPN Routers
  • RV160W Wireless-AC VPN Routers
  • RV260 VPN Routers
  • RV260P VPN Routers with PoE
  • RV260W Wireless-AC VPN Routers
  • RV340 Dual WAN Gigabit VPN Routers
  • RV340W Dual WAN Gigabit Wireless-AC VPN Routers
  • RV345 Dual WAN Gigabit VPN Routers
  • RV345P Dual WAN Gigabit POE VPN Routers

The CVE-2022-20699, CVE-2022-20707, CVE-2022-20708, CVE-2022-20709, CVE-2022-20711, and CVE-2022-20749 vulnerabilities only affect the following Cisco products:

  • RV340 Dual WAN Gigabit VPN Routers
  • RV340W Dual WAN Gigabit Wireless-AC VPN Routers
  • RV345 Dual WAN Gigabit VPN Routers
  • RV345P Dual WAN Gigabit POE VPN Routers

Even if your product isn’t affected by any critical vulnerabilities, there’s always a chance that threat actors will chain several less severe flaws to achieve high-impact attacks.

If you’re using any of the products listed above, it is highly recommended to apply the security updates as soon as possible.

PoC exploits available

The Cisco “Product Security Incident Response Team (PSIRT) states that they are aware of proof-of-concept exploit code available for several of the vulnerabilities fixed in these updates.

The CVE-2022-20699 vulnerability was discovered and used by the FlashBack Team during the Pwn2Own Austin 2021 hacking contest.

FlashBack’s Pedro Ribeiro says they will be demonstrating the exploit and releasing a public PoC as part of their talk at OffensiveCon 2022 titled “Pwn2Own’ing Your Router Over the Internet.

It is unknown what PoC exploits are available for the other vulnerabilities, however once security updates are released, these PoCs tend to become publicly fairly quickly.

Once they are public, threat actors will quickly utilize them in attacks, making it important to update any RV routers as soon as possible.

0 Comments

Let us help you out.

Grab your free consultation NOW!

Privacy Ninja

Data Protection​

Cybersecurity

Support

Company

Locations

Singapore

7 Temasek Boulevard
#12-07, Suntec Tower One
Singapore 038987

Thailand

The Royal Place 1
2, 2/399 Mahatlek Luang 1 Alley, Lumphini, Pathum Wan, Bangkok 10330, Thailand



email-icon
Facebook Twitter Linkedin Youtube

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
TALK TO US
×

Hello!

Click one of our contacts below to chat on WhatsApp

Social Chat is free, download and try it now here!

× Chat with us