Cisco Router Systems Virtual Private Network Firewall
3 products of Cisco placed as remote access communications and security devices – RV110W Wireless-N VPN Firewall, RV130W Wireless-N Multifunction VPN Router, and RV215W Wireless-N VPN Router need critical patches. The networking giant Cisco has sent a warning sign to organizations using these products – and there are many and most of corporate America and aboard – that all Cisco firewall users of a particular kind along with VPN and router require this security patch which otherwise could lead to hackers and attackers breaching in.
The vulnerability had an impact rating of 9.8 out of 10 on the Common Vulnerability Scoring System. It allows a potential hacker to send unauthorized malicious HTTP requests to the targeted devices. If successful, the exploit could allow the attacker to execute arbitrary codes on the operating system of the affected devices as a high privileged user.
Also, Cisco Webex users have been warned as well. If you have ever installed the Webex Meeting Desktop App, it is essential to check if it still installed or not. Cisco recommends updating it in any case. The company was not sure if the bug has yet been exploited and its information has been around 6 months to the company.
Cisco is also investigating which of its products are affected by a serious container bug in runC, the runtime used by Docker and Kubernetes. The bug could allow an attacker to infect a container with malware that compromises the host system.
The management interface for these devices is available through a local LAN connection or the remote management feature. The vulnerability was discovered by security researchers Yu Zhang and Haoliang Lu, and T. Shiomitsu of Pen Test Partners.
This might be a big downfall for shares of Cisco and gain for Norton Security.