According to a published report, Cisco routers are under threat, and the company has announced that it has fixed the vulnerabilities in Cisco IOS routers. The vulnerabilities were disclosed in bulk and affect the company's industrial routers and switches.
According to the report, a total of 25 vulnerabilities with high and critical severity levels were eliminated in IOS and IOS XE.
The company also issued a number of other recommendations on problems of high and medium severity affecting IOS and other software.
CVE-2020-3205 is the most critical and serious issue; it allows unauthenticated attackers to execute arbitrary shell commands on a VDS server.
An attacker can exploit the security flaw simply by sending crafted packets to the victim's device, and a successful attack can compromise the victim's systems.
The second vulnerability found is CVE-2020-3198, and it is the same as the previous one.
This vulnerability lets an unauthenticated attacker remotely execute arbitrary code on the vulnerable machine, and crash the system and then reboot the device, by sending malicious packets to the machine.
Affected devices include Cisco routers such as the ISR 809 and 829 Industrial Routers and the 1000 Series CGRs.
The third vulnerability is CVE-2020-3227. It is critical but not more dangerous than the earlier one, and the flaw scored 9.8 points out of 10 on the CVSS scale.
CVE-2020-3227: Software Privilege
The CVE-2020-3227 flaw is an issue with the authorization controls for the Cisco IOx infrastructure in Cisco IOS XE.
As you all know, a simple bug can allow authentication and credentials to be bypassed and give the attacker full access to the machine. The same happens with the Cisco IOx API, which lets commands be executed remotely.
The vulnerability turned out to be that IOx does not correctly handle requests for authorization tokens. As a result, an attacker can use a special API command to request a token and then execute commands on the affected machine.
Cisco has stated that it released the necessary software updates that specifically address the vulnerability, and that there were no issues with these updates.
After this, Cisco released the new Cisco IOS XE software 16.3.1 to address the security flaw in the router.
CVE-2020-3205: VM Channel
The CVE-2020-3205 error is present in the inter-VM channel of the Cisco IOS software for the 809, 829, and 1000 Series routers, which may be designed with a hypervisor architecture. This vulnerability can allow an unauthenticated attacker to execute shell commands in the VDS of the affected devices.
An attacker uses the security issue by sending malicious packets to the victim's machine. Once inside the router, the attacker can execute commands with the privileges of the root user, which means full command access on the device.
After that, Cisco released patched software and reminded every user to update to the new software to get rid of these vulnerabilities.
CVE-2020-3198: Code Execution
In the case of CVE-2020-3198, the attacker can target the router to make it crash or restart, and the code is executed in the back of the shell. Cisco has rated this vulnerability 9.8 out of 10 points, so it is more harmful than the rest. Cisco has also published software updates for CVE-2020-3198, and it is now under control.
If you have any questions, please let me know in the comment section.