CISA Urges IT Teams To Address Critical Vulnerability Affecting Cisco Enterprise Network Function Virtualization Infrastructure Software

CISA released a note this week urging IT teams to update a Cisco system that has a critical vulnerability. 

The vulnerability affects Cisco Enterprise Network Function Virtualization Infrastructure Software Release (NFVIS) 4.5.1 and Cisco released software updates that address the vulnerability on Wednesday.

The vulnerability "could allow an unauthenticated, remote attacker to bypass authentication and log in to an affected device as an administrator," according to Cisco. 

The vulnerability is in the TACACS+ authentication, authorization and accounting (AAA) feature of NFVIS. 

"This vulnerability is due to incomplete validation of user-supplied input that is passed to an authentication script. An attacker could exploit this vulnerability by injecting parameters into an authentication request. A successful exploit could allow the attacker to bypass authentication and log in as an administrator to the affected device," Cisco said.

"There are no workarounds that address this vulnerability. To determine if a TACACS external authentication feature is enabled on a device, use the show running-config tacacs-server command." 

Cisco urged IT teams to contact the Cisco Technical Assistance Center or their contracted maintenance providers if they face any problems. 

"The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerability described in this advisory. The Cisco PSIRT is not aware of any malicious use of the vulnerability that is described in this advisory," Cisco added, thanking Cyrille Chatras of Orange Group for reporting the vulnerability.

John Bambenek, threat intelligence advisor at Netenrich, said it is a "pretty major problem for Cisco NFV devices that highlights software engineers still struggle with input validation vulnerabilities that have plagued us for almost three decades." 

"Easy acquisition of administrative rights on any device should be concerning and organizations should take immediate steps to patch their devices," Bambenek added.

RECENT NEWS

Reassessing AI Investments: What The Correction In US Megacap Tech Stocks Signals

The recent correction in US megacap tech stocks, including giants like Nvidia, Tesla, Meta, and Alphabet, has sent rippl... Read more

AI Hype Meets Reality: Assessing The Impact Of Stock Declines On Future Tech Investments

Recent declines in the stock prices of major tech companies such as Nvidia, Tesla, Meta, and Alphabet have highlighted a... Read more

Technology Sector Fuels U.S. Economic Growth In Q2

The technology sector played a pivotal role in accelerating America's economic growth in the second quarter of 2024.The ... Read more

Tech Start-Ups Advised To Guard Against Foreign Investment Risks

The US National Counterintelligence and Security Center (NCSC) has advised American tech start-ups to be wary of foreign... Read more

Global IT Outage Threatens To Cost Insurers Billions

Largest disruption since 2017’s NotPetya malware attack highlights vulnerabilities.A recent global IT outage has cause... Read more

Global IT Outage Disrupts Airlines, Financial Services, And Media Groups

On Friday morning, a major IT outage caused widespread disruption across various sectors, including airlines, financial ... Read more

We use cookies to give you the best experience possible. By continuing we’ll assume you’re on board with our cookie policy.