Vulnerabilidades en productos Cisco
Se han corregido múltiples vulnerabilidades en toda la gama de productos Cisco.
Riesgo: Crítico
Las vulnerabilidades incluyen:
- Escalada de privilegios,
- Inyección de comandos,
- Ejecución de código arbitrario,
- Ejecución remota de código con privilegios de root,
- Generar una condición de denegación de servicio (DoS),
- Instalación de software no autorizado en el dispositivo,
- Acceder al sistema mediante el uso de credenciales embebidas,
- Manipulación de ficheros.
Sistemas Afectados:
- Cisco IOS XE, versión 16.3.1 y anteriores si tienen configurado la aplicación IOx hosting infrastrucutre;
- Los siguientes productos Cisco que estén ejecutando una versión vulnerable de Cisco IOS Software:
- Cisco 809 and 829 Industrial ISRs,
- CGR1000,
- Cisco IOS;
- Cisco IOS XE;
- Cisco IOS XXR;
- Cisco IOS XE, con la web UI habilitada;
- Cisco IOS XE, con la característica servidor HTTP habilitada;
- Cisco IOS o Cisco IOS XE, configurados para CIP. CIP no viene configurado por defecto;
- Cisco IOS o Cisco IOS XE, configurados para aceptar conexiones SSH;
- Cisco IOS o Cisco IOS XE, con la característica IKEv2 configurada. Los dispositivos con la característica IKEv1 no se encuentran afectados.
- Cisco Catalyst Series Switches, que ejecutan una versión vulnerable de Cisco IOS o Cisco IOS XE:
- Cisco Catalyst 4500, que estén configurados para SNMP polling, y disponga de tarjetas Power over Ethernet (PoE) instaladas;
- Cisco Catalyst 9800, que dispongan de la característica Aplication Visibility and Control (AVC) habilitada, o estén configurados con LSCs.
- Catalyst 3650 Series Switches;
- Catalyst 3850 Series Switches;
- Catalyst 9200 Series Switches;
- Catalyst 9300 Series Switches;
- Catalyst 9500 Series Switches.
- Routers Cisco, que ejecuten versiones vulnerables de Cisco IOS o Cisco IOS XS, con las siguientes características configuradas:
- Cisco Unified Border Element (CUBE);
- Cisco Unified Communications Manager Express (CME);
- Cisco IOS Gateways con Session Initiation Protocol (SIP)
- Cisco TDM Gateways;
- Cisco Unified Survivable Remote Site Telephony (SRST);
- Cisco Business Edition 4000 (BE4K).
- Los siguientes dispositivos que dispongan de Cisco NX-OS y tengan la característica onePK habilitada:
- Nexus 3000 Series Switches;
- Nexus 5500 Platform Switches;
- Nexus 5600 Platform Switches;
- Nexus 6000 Series Switches;
- Nexus 7000 Series Switches;
- Nexus 9000 Series Switches en modo NX-OS independiente (standalone).
- Dispositivos Cisco que ejecuten versiones de Cisco IOx Application Framework anteriores a la 1.9.0:
- 800 Series Industrial Integrated Services Routers (Industrial ISRs);
- 800 Series Integrated Services Routers (ISRs);
- 1000 Series Connected Grid Routers (CGR1000) Compute Module;
- IC3000 Industrial Compute Gateway;
- Industrial Ethernet (IE) 4000 Series Switches;
- Dispositivos basados en IOS XE:
- 1000 Series ISRs,
- 4000 Series ISRs,
- ASR 1000 Series Aggregation Services Routers,
- Catalyst 9x00 Series Switches,
- Catalyst IE3400 Rugged Series Switches,
- Embedded Services 3300 Series Switches,
- IR510 WPAN Industrial Routers.
Referencias: CVE-2020-3227, CVE-2020-3205, CVE-2020-3198, CVE-2020-3198
Solución:Descargar las actualizaciones desde el panel de descarga de Software de Cisco
Notas: Cisco IOx for IOS XE Software Privilege Escalation Vulnerability
Cisco IOS Software for Cisco Industrial Routers Virtual Device Server Inter-VM Channel Command Injection Vulnerability
Cisco IOS Software for Cisco Industrial Routers Arbitrary Code Execution Vulnerabilities
Cisco IOS XE Software Web UI Command Injection Vulnerability
Cisco IOS XE Software Web UI Privilege Escalation Vulnerability
Cisco IOS XE Software Web UI Command Injection Vulnerability
Cisco IOS XE Software Web UI Command Injection Vulnerability
Cisco IOS XE Software Web UI Command Injection Vulnerability
Cisco IOS and IOS XE Software Secure Shell Denial of Service Vulnerability
Cisco IOS and IOS XE Software Simple Network Management Protocol Denial of Service Vulnerability
Cisco IOS and IOS XE Software Session Initiation Protocol Denial of Service Vulnerability
Cisco IOS XE Software Command Injection Vulnerability
Cisco IOS XE Software Web UI Remote Code Execution Vulnerability
Cisco IOS XE Software Flexible NetFlow Version 9 Denial of Service Vulnerability
Cisco IOS XE Software Catalyst 9800 Series Wireless Controllers Denial of Service Vulnerability
Cisco IOS XE Software Digital Signature Verification Bypass Vulnerability
Cisco IOS, IOS XE, IOS XR, and NX-OS Software One Platform Kit Remote Code Execution Vulnerability
Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers Image Verification Bypass Vulnerability
Cisco IOS Software for Cisco Industrial Routers Virtual Device Server Static Credentials Vulnerability
Cisco IOS Software for Cisco Industrial Routers Virtual Device Server CLI Command Injection Vulnerability
Cisco IOx Application Environment for IOS Software for Cisco Industrial Routers Vulnerabilities
Cisco IOS and IOS XE Software Internet Key Exchange Version 2 Denial of Service Vulnerability
Cisco IOS and IOS XE Software Common Industrial Protocol Denial of Service Vulnerabilities
Cisco IOx Application Framework Arbitrary File Creation Vulnerability