- Home
- Alerts & Advisories
- Alerts
- Critical Vulnerability in Cisco Unified Industrial Wireless Software
Critical Vulnerability in Cisco Unified Industrial Wireless Software
8 November 2024
Cisco has released security updates addressing a critical vulnerability (CVE-2024-20418) in Cisco Unified Industrial Wireless Software for Cisco Ultra-Reliable Wireless Backhaul (URWB) Access Points. The vulnerability has a maximum Common Vulnerability Scoring System (CVSSv3) score of 10 out of 10.
Successful exploitation of the command injection vulnerability could allow an attacker to execute arbitrary commands with root privileges on the underlying operating system of the affected device.
The vulnerability affects the following products which have the URWB operating mode enabled:
Catalyst IW9165D Heavy Duty Access Points
Catalyst IW9165E Rugged Access Points and Wireless Clients
Catalyst IW9167E Heavy Duty Access Points
Users and administrators of affected product versions are advised to update to the latest version immediately.
More information is available here: