Cisco, a company specialized in building information networks worldwide, has revealed 25 security holes in the data routers devices, which work with Cisco IOS and Cisco IOSXA software, noting that it is among These vulnerabilities are four vulnerabilities classified as "critical", and if exploited by a professional attacker, allow full remote control of the "routers", access to internal network components, and control and control remotely as well.
And advised «Cisco» in its semi-annual security directives, officials of information and communications technology in companies and institutions, whose information networks include, «routers» devices running «Cisco software» quickly download and install the latest security updates issued by the company for these devices, in order to be able to deal with Gaps.
The first vulnerability
The bulletin, which was published by Cisco on the section on information security on its official website, included 233 security advice, identifying the risks of the discovered vulnerabilities, confirming that the security updates needed to address them are up to date and ready to use.
According to the Cisco newsletter, the penetration testing and detection team in the group’s advanced security initiatives group discovered the four critical gaps between 25 vulnerabilities, explaining that the first vulnerability bears the name “CVE-2020-3227”, and its severity score is 9.8 out of 10. Degrees, related to infrastructure authentication controls, that are hosted and run by the Cisco OX application, which manages routers and data routers. The team added that this loophole allows attackers to implement all the orders in this application without obtaining a legitimate permission to obtain these powers from the network manager, and therefore they can execute all orders remotely, and control the rest of the network components and the data circulating inside them.
Communication channel
As for the second loophole, the Cisco team indicated that it bears the name "CVE-2020-3205", and it is a loophole in entering the commands for operating the communication channel between programs known as virtual machines "VM", within the "Cisco IOS" program, And that is in the "Cisco 809" routers, the "Cisco 829 ISR" class, and the "CGR 1000" category, used in industrial applications, and networks containing tools and devices Internet of things.
The team pointed out that because of this vulnerability, the program does not verify sufficiently the signal packets directed to the servers in the network, which could allow the attacker to send harmful packets to an affected device, and then penetrate the system completely.
Random software
The team identified the third vulnerability under the name
"CVE-2020-3198", which allows a remote attacker, who did not obtain authentication and authorization to use in a legitimate way, to implement random code within devices that run the software containing the vulnerability, making it become idle, or it restarts and loads repeatedly , And this vulnerability allows the attacker to send harmful command packets, through the fourth and sixth versions of the Internet Protocols, which limits the incoming and outgoing traffic through these devices, and therefore the severity of this vulnerability reaches 9.8 from 10 degrees, and it is considered a critical vulnerability.
Less severe
With regard to the fourth critical vulnerability, the team defined it as "CVE-2020-3258" and it is less severe, and its severity reaches 5.7 out of 10, as it allows attacks by attackers from the inside, that is, those who work on the information network, and they have access rights. On them, it allows them to obtain powers that allow the implementation of random code, and modify the memory time of the device, in addition to replacing the locations of system memory, and thus influence the devices "router", and the movement of data and circulation within the network.
Confrontation and solution
The company «Cisco» provided a solution to address the gaps, which includes in its first step downloading a program called “Cisco Software Checker”, where after downloading and running it, it identifies and reveals any gaps affecting the different versions of the “Cisco IOS” program, and determines security advice and advice Appropriate to deal with, and how to obtain its own updates and security fixes. This tool also repairs the existing program, or returns it to the version that fixes all the gaps described in all the specific advice.
And Cisco gave a detailed explanation of how to use the program, which includes technical steps, taken by network managers and engineers, to reach the final executable security advice, where this technical explanation can be accessed, through the Cisco Information Security Center page.
The company pointed out that network engineers can obtain a list of results that contain critical critical vulnerabilities, and medium-sized security vulnerabilities, and also determines whether the Cisco IOS program is affected by one or more security vulnerabilities.