Blog

Major Security Flaw Found In Some Cisco Routers

Jun 10, 2020 | Blog

Recently, Cisco disclosed the existence of four serious security flaws in their routers that use iOS and iOS XE software. One of the four, CVE-2020-3227 is rated at a severity of 9.8 out of 10.

It allows a remote attacker without credentials to execute commands to the operating software without proper authorization, which in turn, allows a hacker to take complete control over the system.

One of the other security flaws announced, CVE-2020-3025 is a command-injection vulnerability in Cisco 809 and 829 Industrial Integrated Services Routers, and in Cisco 1000 Series Connected Grid Routers. Here, the vulnerability is that since the software doesn’t adequately validate signaling packets, a determined hacker could send malicious packets to the device to gain control of the Virtual Device Server (VDS). From there, they can compromise the entire system.

The third and fourth issues are being tracked under CVE-2020-3198 and CVE-2020-3258, and again targets the company’s 800 Series Industrial Routers. This allows hackers to execute commands to the device, causing it to crash and reboot. Like the first one we mentioned, this one scores a severity of 9.8 out of ten.

The fourth bug is somewhat less serious, scoring only a 5.7 out of ten. A That one allows an attacker to modify the device’s run-time memory, overwriting system memory and executing arbitrary code on an impacted device.

The good news is that the company already has a fix for all of the security flaws outlined above. So if you use any of the devices mentioned earlier, head to the company’s site to be sure you’ve got the latest security patch. Just to be safe, if you use any type of Cisco Industrial Router, now is a good time to double check to make sure you’ve got the latest security patches installed. A few minutes checking could save you thousands of dollars and spare you from a great many sleepless nights.

FBI Program Tasked with Infrastructure Security Compromised

FBI Program Tasked with Infrastructure Security Compromised

The FBI program tasked with ensuring critical infrastructure security has been compromised by hackers, who now offer access to the program's data on the dark web. The breach was initially disclosed by Brian Krebs of Krebs on Security, who claims that the data was for...

Streamline Your Business with the Latest Smart Home Technology

Streamline Your Business with the Latest Smart Home Technology

Are you a business owner looking to get the most out of your Google smart home devices? If so, you're in luck! Google has enabled its Nest products and Android OS with the initial rollout of the Matter smart home standard. This means that businesses now have the...

Data Breach at Sequoia One Exposes Sensitive Customer Information

Data Breach at Sequoia One Exposes Sensitive Customer Information

What do you do when your most personal information has been compromised? This is likely the question that customers of Sequoia One asked themselves earlier this month as they were informed that the company had been hacked. Sequoia One specializes in the management of...

Cisco Reports Critical IP Phone Vulnerability

Cisco Reports Critical IP Phone Vulnerability

As a business owner, it's important to stay informed about potential vulnerabilities that could impact your organization. Recently, Cisco reported a critical vulnerability, tracked as CVE-2022-20968, affecting its IP Phone 7800 and 8800 Series. This new vulnerability...

Google Chrome Releases Two New Features

Google Chrome Releases Two New Features

Google Chrome is one of the more commonly used web browsers. Over the years, though, Chrome has gained a reputation for utilizing a large portion of a computer's memory. This can be a problem if you're running other resource-intensive tasks and don't want to slow...

Get a Free Consultation

 

Fill out the form below to receive a free consultation and learn how we can make your technology worry-free!

 

Contact Information

  • 39301 Badger Street, Suite 500
    Palm Desert, CA 9221
  • (760) 333-8523
  • info@icn.tech