Cisco Systems, Inc. (NASDAQ:CSCO) has come to terms with vulnerabilities well known for affecting its IOS and IOS XE networking software. The company released 34 patches for the vulnerabilities, three of which are critical remote code execution security bugs. The most serious vulnerability involves the IOS and IOS XE software whereby the networking operating system is deployed once it is attacked. However, the company was able to seal any future exploitation attempts through the use of a hidden default account known as “cisco” and a static password.
Other possibilities of exploiting the bug
Every coin has two sides, and so does the exploitation of the bugs affecting the software. A remote unauthenticated attacker can exploit a flaw, and network admins can reboot the devices. It is also possible to remove the account by typing “no username cisco”. However, if the admins want to retain the account, they can do so by logging into their devices using a regular admin user. To make use of the account, it is also necessary to change the cisco account’s default password.
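The following added example, which is not Cisco's code or part of the original article, audits saved running-config text for the "cisco" local user before the removal command is pushed. It assumes the account shows up as a `username cisco` line in the config; the device names and config lines are constructed samples, and the other-local-user check is a heuristic that ignores AAA logins.

```python
import re

# IOS local-user line: username NAME [privilege N] {password|secret} [TYPE] VALUE
USER_RE = re.compile(
    r"^username\s+(?P<name>\S+)"
    r"(?:\s+privilege\s+(?P<priv>\d+))?"
    r"(?:\s+(?P<kind>password|secret)\s+(?:(?P<type>\d+)\s+)?\S+)?"
)

def storage(kind, typ):
    """Describe how the credential is stored in the config text."""
    if kind is None:
        return "none"
    if kind == "password":
        return "reversible (type 7)" if typ == "7" else "cleartext"
    return "hashed secret"

def audit(config, account="cisco"):
    """Report on `account` in one running-config and list other local users."""
    hit, others = None, []
    for line in config.splitlines():
        m = USER_RE.match(line.strip())
        if not m:
            continue
        if m["name"] == account:
            hit = m
        else:
            others.append(m["name"])
    report = {"present": hit is not None, "other_local_users": others}
    if hit:
        report["privilege"] = int(hit["priv"]) if hit["priv"] else None
        report["storage"] = storage(hit["kind"], hit["type"])
        # Removing the only local login could lock admins out, so removal is
        # suggested directly only when another local user exists.
        fix = f"no username {account}"
        report["action"] = fix if others else f"add another admin user first, then: {fix}"
    return report

# Constructed sample configs (not taken from any real device).
SAMPLES = {
    "edge-sw1": "hostname edge-sw1\nusername cisco privilege 15 password 0 EXAMPLE\n"
                "username netops privilege 15 secret 5 $1$EXAMPLE$hash\n",
    "edge-sw2": "hostname edge-sw2\nusername cisco password 7 EXAMPLE7\n",
    "core-rtr": "hostname core-rtr\nusername netops secret 9 $9$EXAMPLE\n",
}

if __name__ == "__main__":
    for device, cfg in SAMPLES.items():
        print(device, audit(cfg))
```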
Apparently, this is the second account that Cisco is removing from its software in the span of one month. In a previous incident, the company removed a software application from Cisco PCP, which can be used for remote installation and maintenance of various video products.
The vulnerability is due to incorrect bounds checking of certain values in packets
One of the many bugs that Cisco engineers have found is CVE-2018-0151. It is a remote code execution bug that affects the QoS subsystem of IOS and IOS XE. The company outlines that the vulnerability is the result of inaccurate bounds checking of various values in packets. Apparently, a majority of these packets are intended for UDP port 18999 of an affected device.
This status makes it easy for an attacker to exploit the vulnerability through the use of malicious packets. Nonetheless, Cisco has sent out a word of caution, stating that it is quickly taking charge of any attempted or malicious attacks on the running software. Embedi, the security firm that found the flaw, also claims to have proof-of-concept exploit code.