[SingCERT] High-Severity Vulnerabilities in Cisco Products

Published on 30 Sep 2019

Updated on 23 Oct 2019

Background

Cisco has released security updates to address 13 high-severity vulnerabilities found in multiple Cisco products.

The vulnerabilities are:
• CVE-2019-12648 - A vulnerability in the IOx application environment for Cisco IOS Software could allow an authenticated, remote attacker to gain unauthorised access to the Guest Operating System (Guest OS) running on an affected device.
• CVE-2019-12652 - A vulnerability in the ingress packet processing function of Cisco IOS Software for Cisco Catalyst 4000 Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
• CVE-2019-12647 - A vulnerability in the Ident protocol handler of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload.
• CVE-2019-12654 - A vulnerability in the common Session Initiation Protocol (SIP) library of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device which will result in a DoS condition.
• CVE-2019-12658 - A vulnerability in the filesystem resource management code of Cisco IOS XE Software could allow an unauthenticated, remote attacker to exhaust filesystem resources on an affected device and cause a DoS condition.
• CVE-2019-12655 - A vulnerability in the FTP application layer gateway (ALG) functionality used by Network Address Translation (NAT), NAT IPv6 to IPv4 (NAT64), and the Zone-Based Policy Firewall (ZBFW) in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload.
• CVE-2019-12646 - A vulnerability in the Network Address Translation (NAT) Session Initiation Protocol (SIP) Application Layer Gateway (ALG) of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload.
• CVE-2019-12653 - A vulnerability in the Raw Socket Transport feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device which will result in a DoS condition.
• CVE-2019-12657 - A vulnerability in the Unified Threat Defense (UTD) in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload.
• CVE-2019-12650/CVE-2019-12651 - Multiple vulnerabilities in the web-based user interface (Web UI) of Cisco IOS XE Software could allow an authenticated, remote attacker to execute commands with elevated privileges on the affected device.
• CVE-2019-12656 - A vulnerability in the IOx application environment of multiple Cisco platforms could allow an unauthenticated, remote attacker to cause the IOx web server to stop processing HTTPS requests which will result in a DoS condition.
• CVE-2019-12649 - A vulnerability in the Image Verification feature of Cisco IOS XE Software could allow an authenticated, local attacker to install and boot a malicious software image or execute unsigned binaries on an affected device.
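As an added example (not part of the SingCERT advisory and not Cisco's own tooling), the following Python script parses the bullet list above, extracts the attacker prerequisites each entry states (authenticated or unauthenticated, remote or local) together with the stated effect, and ranks the 13 CVEs for patch prioritisation. The entry text is copied from the list above; the ranking scheme, the classification keywords and the function names are the example's own assumptions.

```python
import re
from dataclasses import dataclass

# Added example: triage of the CVEs listed in this advisory by attacker prerequisites.
# The (id, description) pairs are copied from the bullet list above. The combined
# entry for CVE-2019-12650/CVE-2019-12651 is kept as one pair and split later.
ADVISORY_ENTRIES = [
    ("CVE-2019-12648", "A vulnerability in the IOx application environment for Cisco IOS Software could allow an authenticated, remote attacker to gain unauthorised access to the Guest Operating System (Guest OS) running on an affected device."),
    ("CVE-2019-12652", "A vulnerability in the ingress packet processing function of Cisco IOS Software for Cisco Catalyst 4000 Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device."),
    ("CVE-2019-12647", "A vulnerability in the Ident protocol handler of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload."),
    ("CVE-2019-12654", "A vulnerability in the common Session Initiation Protocol (SIP) library of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device which will result in a DoS condition."),
    ("CVE-2019-12658", "A vulnerability in the filesystem resource management code of Cisco IOS XE Software could allow an unauthenticated, remote attacker to exhaust filesystem resources on an affected device and cause a DoS condition."),
    ("CVE-2019-12655", "A vulnerability in the FTP application layer gateway (ALG) functionality used by Network Address Translation (NAT), NAT IPv6 to IPv4 (NAT64), and the Zone-Based Policy Firewall (ZBFW) in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload."),
    ("CVE-2019-12646", "A vulnerability in the Network Address Translation (NAT) Session Initiation Protocol (SIP) Application Layer Gateway (ALG) of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload."),
    ("CVE-2019-12653", "A vulnerability in the Raw Socket Transport feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device which will result in a DoS condition."),
    ("CVE-2019-12657", "A vulnerability in the Unified Threat Defense (UTD) in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload."),
    ("CVE-2019-12650/CVE-2019-12651", "Multiple vulnerabilities in the web-based user interface (Web UI) of Cisco IOS XE Software could allow an authenticated, remote attacker to execute commands with elevated privileges on the affected device."),
    ("CVE-2019-12656", "A vulnerability in the IOx application environment of multiple Cisco platforms could allow an unauthenticated, remote attacker to cause the IOx web server to stop processing HTTPS requests which will result in a DoS condition."),
    ("CVE-2019-12649", "A vulnerability in the Image Verification feature of Cisco IOS XE Software could allow an authenticated, local attacker to install and boot a malicious software image or execute unsigned binaries on an affected device."),
]

# Cisco advisory prose follows a fixed pattern: "could allow an <auth>, <vector> attacker to <effect>."
ATTACKER_RE = re.compile(
    r"could allow an (?P<auth>authenticated|unauthenticated), "
    r"(?P<vector>remote|local|adjacent) attacker to (?P<effect>[^.]+)",
    re.IGNORECASE,
)


@dataclass(frozen=True)
class Finding:
    cve: str
    auth: str      # "authenticated" or "unauthenticated"
    vector: str    # "remote", "local" or "adjacent"
    impact: str    # "unauthorised-access", "code-execution", "dos" or "unknown"
    priority: int  # 1 = patch first


def classify_impact(effect: str) -> str:
    """Map the stated effect to a coarse impact class (keyword list is an assumption)."""
    e = effect.lower()
    if "unauthorised access" in e or "unauthorized access" in e:
        return "unauthorised-access"
    if any(t in e for t in ("execute commands", "elevated privileges",
                            "unsigned binaries", "malicious software image")):
        return "code-execution"
    if re.search(r"\bdos\b|denial of service|reload|exhaust|stop processing", e):
        return "dos"
    return "unknown"


def rank(auth: str, vector: str) -> int:
    """Assumed ranking: no credentials needed and reachable over the network is worst."""
    if auth == "unauthenticated" and vector == "remote":
        return 1
    if auth == "unauthenticated" or vector == "remote":
        return 2
    return 3


def parse_entries(entries) -> list:
    """Parse advisory bullets into Findings, sorted by priority then CVE id."""
    findings = []
    for ids, text in entries:
        m = ATTACKER_RE.search(text)
        if m is None:
            raise ValueError(f"no attacker clause found for {ids}")
        auth, vector = m["auth"].lower(), m["vector"].lower()
        impact = classify_impact(m["effect"])
        for cve in ids.split("/"):  # one Finding per CVE id
            findings.append(Finding(cve, auth, vector, impact, rank(auth, vector)))
    return sorted(findings, key=lambda f: (f.priority, f.cve))


def triage_report(findings) -> dict:
    """Group CVE ids by priority so the patch order can be read off directly."""
    report: dict = {}
    for f in findings:
        report.setdefault(f.priority, []).append(f.cve)
    return report


if __name__ == "__main__":
    for f in parse_entries(ADVISORY_ENTRIES):
        print(f"P{f.priority} {f.cve}: {f.auth}, {f.vector} -> {f.impact}")
```

Run against the list above, the script puts the nine unauthenticated remote DoS issues in priority 1, the three authenticated remote issues (Guest OS access and Web UI command execution) in priority 2, and the local image-verification bypass in priority 3; the keyword lists are deliberately narrow so that an entry with unfamiliar wording surfaces as "unknown" rather than being silently down-ranked.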

Affected Products

Out of the 13 vulnerabilities, two affect both the Cisco IOS Software and Cisco IOS XE Software, two affect the Cisco IOS Software, eight affect the Cisco IOS XE Software, and one affects the Cisco IOx application environment. Cisco has confirmed that none of the vulnerabilities affects Cisco IOS XR Software or Cisco NX-OS Software.

Impact

Successful exploitation of the vulnerabilities could allow an attacker to gain unauthorised access to the Guest OS of an affected device, execute commands with elevated privileges, install and boot a malicious software image, or cause a DoS condition. Nine of the 13 vulnerabilities can be triggered by an unauthenticated, remote attacker.

Recommendation

Users and system administrators of the affected products are advised to install the latest security updates immediately. Details of the individual Cisco security advisories can be found at https://tools.cisco.com/security/center/viewErp.x?alertId=ERP-72547.

Reference

https://tools.cisco.com/security/center/viewErp.x?alertId=ERP-72547