Critical vulnerability affects Cisco’s industrial heavy-duty WiFi access points


The global networking giant Cisco has released software updates addressing a critical vulnerability, rated 10 out of 10, that affects Ultra-Reliable Wireless Backhaul (URWB) access points, which are commonly deployed in industrial environments such as manufacturing plants. The bug allows unauthenticated, remote attackers to inject commands with root privileges.

The vulnerability lies in the web-based management interface of Cisco Unified Industrial Wireless Software for URWB devices. It affects three models of Cisco Catalyst access points:

  • Catalyst IW9165D Heavy Duty Access Points
  • Catalyst IW9165E Rugged Access Points and Wireless Clients
  • Catalyst IW9167E Heavy Duty Access Points

Cisco markets these devices for critical industrial applications across various sectors.

“This vulnerability is due to improper validation of input to the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to the web-based management interface of an affected system,” Cisco explains in the security advisory.

Attackers could exploit this to run arbitrary commands with root privileges on the device.

The vulnerability affects only products operating in URWB mode. To determine if this mode is enabled, Cisco suggests using the show mpls-config CLI command.

“If the command is available, the URWB operating mode is enabled and the device is affected by this vulnerability. If the command is not available, the URWB operating mode is disabled and the device is not affected by this vulnerability,” the advisory reads.


Cisco urges customers to install free software updates through “usual update channels.” There are no other workarounds to mitigate this flaw. All versions of Cisco Unified Industrial Wireless Software prior to 17.15 are affected.
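The affected-or-not conditions described above (model, URWB mode, release earlier than 17.15) can be applied to an asset inventory. The following is an added example, not code from Cisco or from this article; the inventory field names and sample records are constructed, `mpls_config_available` is assumed to be recorded by an operator after running show mpls-config on the device, and releases from 17.15 onward are treated as fixed based on the statement above.

```python
import re

# Models and version boundary as stated in the article.
AFFECTED_MODELS = ("IW9165D", "IW9165E", "IW9167E")
FIRST_FIXED = (17, 15)

def parse_release(text):
    """Return the numeric components of a release string, or None."""
    match = re.match(r"\s*(\d+(?:\.\d+)+)", text or "")
    return tuple(int(p) for p in match.group(1).split(".")) if match else None

def triage(device):
    """Classify one inventory record (dict with hypothetical field names)."""
    model = (device.get("model") or "").upper()
    if not any(name in model for name in AFFECTED_MODELS):
        return "out-of-scope"
    release = parse_release(device.get("version"))
    # Compare numerically: as plain strings, "17.9" would sort after "17.15".
    if release is not None and release[:2] >= FIRST_FIXED:
        return "fixed-release"
    urwb = device.get("mpls_config_available")
    if urwb is False:
        return "urwb-disabled"
    if urwb is True and release is not None:
        return "affected"
    # Missing version or an unrecorded CLI check: do not guess.
    return "verify-manually"

# Constructed sample inventory, for illustration only.
INVENTORY = [
    {"host": "ap-line1", "model": "Catalyst IW9165D", "version": "17.9.4",
     "mpls_config_available": True},
    {"host": "ap-line2", "model": "Catalyst IW9167E", "version": "17.15.1",
     "mpls_config_available": True},
    {"host": "ap-yard1", "model": "Catalyst IW9165E", "version": "17.14.1",
     "mpls_config_available": False},
    {"host": "ap-yard2", "model": "Catalyst IW9165E", "version": "17.12.1",
     "mpls_config_available": None},
    {"host": "ap-office", "model": "Catalyst 9120AX", "version": "17.9.4",
     "mpls_config_available": None},
]

def report(inventory):
    """Map each host to its triage status."""
    return {d["host"]: triage(d) for d in inventory}

if __name__ == "__main__":
    for host, status in report(INVENTORY).items():
        print(f"{host}: {status}")
```

Devices that come back as verify-manually need the CLI check or a version lookup before they can be ruled in or out.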

So far, there have been no reported cases of malicious exploitation of the vulnerability.
