09 August 2024 | Ravi Lakshmanan | Vulnerability / Network Security

Cisco Smart Install feature

The US Cybersecurity and Infrastructure Security Agency (CISA) has revealed that threat actors are abusing the Cisco Smart Install (SMI) feature to gain access to sensitive data.

The agency said it has seen adversaries “obtain system configuration files by exploiting protocols or software available on devices, such as abusing the Cisco Smart Install feature.”

It also said it continues to observe weak password types being used on Cisco network devices, making them vulnerable to password-cracking attacks. Password types refer to the algorithms used to store Cisco device passwords in the system configuration file.


Threat actors who are able to gain access to the device in this manner will be able to easily access system configuration files, facilitating deep compromise of affected networks.

“Organizations should ensure that all passwords on network devices are stored using an adequate level of protection,” CISA said, recommending “Type 8 password protection for all Cisco devices to protect passwords in configuration files.”

It is also urging businesses to review the National Security Agency's (NSA) advisory on misuse of the Smart Install protocol and its Network Infrastructure Security Guide for configuration guidance.

Additional best practices include using strong hashing algorithms to store passwords, avoiding password reuse, assigning strong and complex passwords, and avoiding the use of group accounts that do not provide accountability.
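As an added illustration of the password-type guidance above (not code from CISA, Cisco or the original article), the following Python sketch audits a saved device configuration for the password type of each stored credential and checks for an explicit `no vstack` line, the command that disables Smart Install. The sample configuration is constructed, the verdicts other than "Type 8 is recommended" are assumptions of this example, and treating a missing `no vstack` line as "needs confirmation" is a heuristic.

```python
import re

# Password "types" as they appear in a Cisco configuration file.
# CISA recommends Type 8 (per the page); other verdicts are this example's assumption.
TYPES = {
    "0": ("plaintext", "weak"),
    "4": ("unsalted SHA-256", "weak"),
    "5": ("salted MD5", "weak"),
    "6": ("reversible AES", "review"),
    "7": ("reversible obfuscation", "weak"),
    "8": ("PBKDF2-SHA-256", "ok"),
    "9": ("scrypt", "ok"),
}
CRED = re.compile(r"\b(?:secret|password)\s+(?:(\d)\s+)?(\S+)")

def audit_config(text):
    """Return (line_no, type, algorithm, verdict) for each stored credential."""
    findings = []
    for no, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if line.startswith(("!", "no ")):   # skip comments and negated commands
            continue
        m = CRED.search(line)
        if m:
            ptype = m.group(1) or "0"        # no type digit means plaintext
            algo, verdict = TYPES.get(ptype, ("unknown", "review"))
            findings.append((no, ptype, algo, verdict))  # the secret is never kept
    return findings

def smart_install_disabled(text):
    """True only if the configuration explicitly carries 'no vstack'."""
    return any(l.strip() == "no vstack" for l in text.splitlines())

# Constructed sample configuration (not from a real device).
SAMPLE = """\
service password-encryption
enable secret 5 $1$CONSTRUCTED$0000000000000000000000
username admin privilege 15 secret 8 $8$CONSTRUCTED$0000
username backup password 7 000000000000
line vty 0 4
 password labpass
"""

if __name__ == "__main__":
    for no, ptype, algo, verdict in audit_config(SAMPLE):
        print(f"line {no}: type {ptype} ({algo}) -> {verdict}")
    if not smart_install_disabled(SAMPLE):
        print("Smart Install: no 'no vstack' line; confirm the feature is off")
```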

The development comes as Cisco warned of the public availability of proof-of-concept (PoC) code for CVE-2024-20419 (CVSS score: 10.0), a critical flaw affecting Smart Software Manager On-Prem (Cisco SSM On-Prem) that could enable a remote, unauthenticated attacker to change any user’s password.

The networking equipment major also warned of several critical vulnerabilities (CVE-2024-20450, CVE-2024-20452, and CVE-2024-20454, CVSS score: 9.8) in Small Business SPA300 Series and SPA500 Series IP Phones that could allow an attacker to execute arbitrary commands on the underlying operating system or cause a denial-of-service (DoS) condition.


Cisco said in the bulletin published on August 7, 2024:

“An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow an attacker to overflow an internal buffer and execute arbitrary commands at the root privilege level.”

The company said it does not plan to release software updates to address the flaws, as the devices have reached end-of-life (EoL) status, requiring users to migrate to newer models.
