Cisco NCS 540, 560, 5500, 8000, ASR 9000 Series routers affected by critical vulnerability

As usual, this week has started with the reporting of a security flaw in one of Cisco developments. According to a vulnerability testing report, the Cisco IOS XR software is impacted by a flaw in the Secure Shell (SSH) authentication feature; if exploited, this vulnerability could allow an unauthenticated remote hacker to log in to an affected device using two different usernames.

According to the report, the vulnerability
exists due to a logical error, which can be triggered when certain actions are
joined during an SSH login on an affected device. Threat actors could abuse
this failure by logging an SSH session on the affected device with a specific
sequence that presents the two usernames used for the attack.

Vulnerability testing specialists in charge of
the report mention that successful exploitation of the flaw could lead to
misrepresentation of login data, user enumeration and even command
authorization failure in very specific cases.

The flaw, tracked as CVE-2019-1842, received a
score of 5.5/10 on the Common Vulnerability Scoring System (CVSS)
scale; the risk of exploitation is mentioned as medium, although the danger of
a potential successful attack is high.

The Cisco vulnerability testing team mentions
that the company corrected the vulnerability with the release of the latest
version of Cisco IOS XR software. No workarounds are known for now, so
vulnerable deployment administrators are advised to upgrade as soon as

This has been a complex year starting for
Cisco, as in less than two months security patches and updates have already
been released for at least five critical security flaws in various products
used in commercial, industrial and even domestic environments.

For more information on recently encountered
security flaws, exploits, cyberattacks, and malware analysis, you can visit the
official website of the International Institute of Cyber Security
, as well as websites of technology companies currently working
to correct these information security incidents.

You Might Also Like