Cisco recently disclosed that dozens of its networking and communications devices are likely vulnerable to a SSH vulnerability that could allow remote code execution. The company confirmed that 42 products are affected, including those in network management, security, routing and switching, unified computing, voice, video streaming, and wireless. Additionally, 51 products in the same lines are under investigation for the flaw. However, at least 48 of Cisco’s supported cloud services and hardware are not confirmed to be vulnerable.
To mitigate the risk, Cisco advised administrators to restrict SSH access to trusted hosts until a software fix is available. They also recommended verifying that devices have sufficient memory for updates and ensuring that hardware and software configurations are supported by the new version. The company urged customers to contact their Technical Assistance Center or maintenance providers for clarification.
The vulnerability was discovered approximately a week after a critical security hole in the OpenSSH server package was revealed. This flaw, a race condition bug, enables command injections that could result in remote code execution and full device control. Cisco is not the only entity affected by this vulnerability, as several popular Linux distributions have been found to include the flaw, putting an estimated 14 million public servants at risk.
While proof-of-concept examples exist for the vulnerability, real-world exploitation is expected to be time-consuming, with estimates ranging from six hours to several days. This provides some relief for administrators, but it is crucial to take precautions and monitor vulnerable products to prevent potential attacks. Cisco’s detailed list of impacted products can be accessed for reference.
Article Source
https://www.scmagazine.com/news/cisco-warns-of-appliances-vulnerable-to-regresshion-vulnerability